How to secure API keys in Airtable Block Code

Bryan_Lopez · ‎Feb 03, 2020

Not sure if I understand the use cases for Blocks but I am trying to create a little mini GUI to pull data from Google and save into Airtable. How do I go about securing my API key? Is it secure to bundle with code that gets released to Airtable?

Dru_Knox · ‎Feb 03, 2020

Hi Bryan,

With the blocks that Airtable builds, we ask users for credentials and store it in globalConfig, which is a key-value store that’s scoped to that block installation. If API key won’t change, you could also include it directly in the Block code, which only you (or anyone with access to the source repo) can view.

Note that the credential will still be accessible by all base collaborators since the API requests are made client-side.

See Solution in Thread

Dru_Knox · ‎Feb 03, 2020

Hi Bryan,

With the blocks that Airtable builds, we ask users for credentials and store it in globalConfig, which is a key-value store that’s scoped to that block installation. If API key won’t change, you could also include it directly in the Block code, which only you (or anyone with access to the source repo) can view.

Note that the credential will still be accessible by all base collaborators since the API requests are made client-side.