How to store sensitive API keys that the user has entered?

Based on the advise here, I’m going to ask the user to enter an license/API key in order to prove they have subscription. My block might also need to store sensitive keys for other APIs.

Where should I store these sensitive keys?

This guide says it shouldn’t go in GlobalConfig.

This answer says it should be an environment variable, but I want to enable non techincal users to install my block, so that doesnt feel like an option.


I’m assuming - we need to implement a full login screen to authenticate the user, and protect any keys behind that

I am actually coming across the same issue. I would like a place to store API keys as for our service we can’t do something like set up passport.js to run third party authentication as we don’t pay for enterprise level.

Not sure if passport.js will help you out though if you can log into the service you are using with third party authentication it should work.

Any chance the Airtable team have added a place to store .env info and I have just missed it?

This topic was solved and automatically closed 15 days after the last reply. New replies are no longer allowed.