How do I hide API key in create-react-app?

by

Unfortunately, keeping any key in your React client, even if you are using gitignore and an .env file, is not secure. As pointed out by @ClaudiuCreanga, React environment variables are embedded in the build and are publicly accessible.

You should really only save API keys or secrets in your backend such as Node / Express. You can have your client send a request to your backend API, which can then make the actual API call with the API key and send the data back to your client.

More Related Contents:

  1. How do I hide an API key in Create React App?
  2. How to use environment variables in Github Page?
  3. How to fix missing dependency warning when using useEffect React Hook
  4. How to specify a port to run a create-react-app based project?
  5. Adding an .env file to React Project
  6. Template not provided using create-react-app
  7. Error: ‘node-sass’ version 5.0.0 is incompatible with ^4.0.0
  8. Line 0: Parsing error: Cannot read property ‘map’ of undefined
  9. Use custom build output folder when using create-react-app
  10. deploying create-react-app to heroku with express backend returns invalid host header in browser
  11. Error while creating new React app (“You are running `create-react-app` 4.0.3, which is behind the latest release (5.0.0)”)
  12. How to connect API with Web SPA through docker
  13. Blank page after running build on create-react-app
  14. Unable to create new react app with npx create-react-app
  15. How should I configure create-react-app to serve app from subdirectory?
  16. Adding an .env file to a React project [duplicate]
  17. ‘TypeError [ERR_INVALID_ARG_TYPE]: The “path” argument must be of type string. Received type undefined’
  18. How to avoid using relative path imports (/../../../redux/action/action1) in create-react-app
  19. Relative path in index.html after build
  20. react long press event
  21. Create-React-App Proxy in Production Build
  22. combine react build output into single js file
  23. What is public/manifest.json file in create-react-app?
  24. How to set build .env variables when running create-react-app build script?
  25. create-react-app: how to use https instead of http?
  26. Disable ESLint that create-react-app provides
  27. Create-React-App build – “Uncaught SyntaxError: Unexpected token
  28. Cache busting with CRA React
  29. create-react-app is not working since version 4.0.1
  30. create react app not picking up .env files?

Leave a Comment