How do I hide an API key in Create React App?

by

Unfortunately, keeping any key in your React client, even if you are using gitignore and an .env file, is not secure. As pointed out by Claudiu Creanga, React environment variables are embedded in the build and are publicly accessible.

You should really only save API keys or secrets in your backend such as Node.js or Express.js. You can have your client send a request to your backend API, which can then make the actual API call with the API key and send the data back to your client.

More Related Contents:

  1. How do I hide API key in create-react-app?
  2. How to use environment variables in Github Page?
  3. How to fix missing dependency warning when using useEffect React Hook
  4. How to specify a port to run a create-react-app based project?
  5. Adding an .env file to React Project
  6. Template not provided using create-react-app
  7. Error: ‘node-sass’ version 5.0.0 is incompatible with ^4.0.0
  8. Line 0: Parsing error: Cannot read property ‘map’ of undefined
  9. deploying create-react-app to heroku with express backend returns invalid host header in browser
  10. Error while creating new React app (“You are running `create-react-app` 4.0.3, which is behind the latest release (5.0.0)”)
  11. How to connect API with Web SPA through docker
  12. Blank page after running build on create-react-app
  13. Unable to create new react app with npx create-react-app
  14. Using `”homepage”` in package.json, without messing up paths for localhost
  15. How should I configure create-react-app to serve app from subdirectory?
  16. Adding an .env file to a React project [duplicate]
  17. How to avoid using relative path imports (/../../../redux/action/action1) in create-react-app
  18. Relative path in index.html after build
  19. react long press event
  20. Create-React-App Proxy in Production Build
  21. combine react build output into single js file
  22. What is public/manifest.json file in create-react-app?
  23. How to set build .env variables when running create-react-app build script?
  24. create-react-app: how to use https instead of http?
  25. Disable ESLint that create-react-app provides
  26. Create-React-App build – “Uncaught SyntaxError: Unexpected token
  27. Cache busting with CRA React
  28. create-react-app is not working since version 4.0.1
  29. create react app not picking up .env files?
  30. ‘React’ was used before it was defined

Leave a Comment