Guidance on Securely Storing API Key in Airtable Automation

RSk · ‎Nov 28, 2023

Hi Folks,

I hope this post finds you well. I'm working on setting up automation in Airtable where a script runs upon creating a record. The script involves an API key, and I'm looking for a secure way to handle it without hard coding.

Ideally, I'd like to use something like process.env.ENV_VAR to reference the API key securely. Is there a recommended method or best practice within Airtable for achieving this? I want to ensure the key is stored securely while still being accessible for the automation to function smoothly.

Any insights or guidance on this matter would be greatly appreciated. Thank you in advance for your assistance!

kuovonne · ‎Nov 28, 2023

Airtable scripts do not have access to environment variables or other methods of securing an API key.

I have some of my scripts call a Make.com scenario in order to place credentials outside of Airtable so that base collaborators cannot access those credentials.

Airtable was originally created with an expectation that all base collaborators could be trusted with seeing everything in the base. Airtable now realizes that people want to use Airtable without all that trust, but engineering secure solutions that actually are secure without a false sense of security takes time.

ScottWorld · ‎Nov 28, 2023

I was going to give the same recommendation as @kuovonne to use Make for these purposes.

You can even write custom JavaScript code in Make by using Make’s OCodeKit integrations which allow you to run native Javascript code within your Make scenario.