Reputation: 123
streamlit API key hidden from deployed app
I have created a Streamlit app that grabs some data using a private API key and then does some wrangling and outputs a CSV file. The data grab uses an API key that needs to be hidden from the final user of the app. I am wondering whether this is possible, as when you deploy the app locally to be run from the cmd line, the user will have access to the repo. Alternatively, if you deploy the app on Heroku or something similar it seems that you have to include the API key in a TOML file using Secrets Management: https://docs.streamlit.io/streamlit-cloud/get-started/deploy-an-app/connect-to-data-sources/secrets-management
Is there a way of deploying the app to the end user without them having access to the API key?
Thanks
Upvotes: 0
Views: 760
Answers (1)
Reputation: 68
Store the API key as config vars on heroku (from the dashboard go to Settings --> Reveal Config Vars). Then in your python code you can access them using os.environ["<key>"] instead of using st.secrets["<key>"].
Upvotes: 1
Related Questions
- How to hide developer key
- How can I hide my api keys when deploying an app in a virtual machine on the cloud?
- How to hide an API key when deploying a website to Netlify
- Securing API key from reverse engineer in a React-Native app
- How can I hide api key in bixby-studio?
- How to hide Steam Web API key?
- getstream: is it safe to expose the API key to the public?
- Hiding API Key on Xively Image
- Hiding API keys used in an open source application
- api key doesn't display in my account wordpress