Reputation: 3291
Open-sourcing code with Parse.com client key and application id safe?
I want to put my application that uses Parse on Github. Should I remove my application id and client key? Parse documentation says that "The application ID and client key are not secret, and by themselves they do not secure an app." I'd rather leave them so if people compile the app the database would be there and working, but I'm worried about the security of this, especially since it exposes my client id and I have some other apps on Parse under this account. How is it usually done?
Upvotes: 2
Views: 444
Answers (1)
Reputation: 16874
You can provide an initial data-set with sample data as a JSON or CSV file for people to import, or include a Cloud Function that does the initial creation of all the classes if you just want empty tables.
I would recommend against including your own keys as you'll be liable if they exceed the limits of a free database.
Upvotes: 2
Related Questions
- how to associate an application with Parse?
- How is the Parse app id kept safe when using the JS SDK?
- parse.com security
- Using Parse master key from the server and not cloud code
- The threat of your app being decompiled and modified to bombard parse
- About Parse.com client side sharing app & api keys
- Parse.com security : Access object of another app if you know the objectId
- Is using parse.com framework safe?
- Parse.com API security concerns
- Parse.com cloud app with client javascript production and development keys