Reputation: 13
Hiding the API key in React
We have an application that uses an API key (Accesstoken). We would like to hide the API key in a .env file.
We have gone through the following steps.
Created a .env file in the source folder (with the .gitignore)
Added in the .env REACT_APP_ACCESSTOKEN = pk.ffe1Ijo.......
In the terminal added the npm install dotenv
Added the into our map.component file - import dotenv from 'dotenv' dotenv.config() const accessToken = process.env.REACT_APP_ACCESSTOKEN;
Added to webpack.config.js -
externals: ["fs"], resolve: { extensions: ['.js', '.jsx', '.ts', '.tsx'] },
Now we get the error message in the web browser console that fs is undefined. Or that the Acesstoken is not found.
Upvotes: 1
Views: 1454
Answers (1)
Reputation: 120
As per the create-react-app documentation, unless you're creating toy apps, it's not a good idea to store secret keys in your React app.
But, in case you really need to:
If you're using create-react-app, there's no need to install a separate dotenv library, as it's supported out of the box.
Otherwise, dotenv-webpack is probably something you can try. See this other SO question.
Upvotes: 1
Related Questions
- How do I hide an API key in Create React App?
- How could I hide API key in my React app and host the working version in GitHub
- How to hide API Keys in React public html file
- how to hide API key in react app using .env file
- React: Hide API keys
- Hiding api key with firebase function
- How to Hide API Keys In MERN Stack application?
- How to hide API key and still run heroku app?
- How to hide api key in getInitialProps
- Hiding API Key in React