Where to store sensitive data/credentials for an app

Topic Labels: Extensions
1247 2
Showing results for 
Search instead for 
Did you mean: 
4 - Data Explorer
4 - Data Explorer

I’m building a simple app for internal use, i.e. not shared. The App calls an external API endpoint which requires an API key. Also there is a staging and a production endpoint.

I have read about GobalConfig, but all the docs say do not store sensitive information here. There is no guidance on where to store sensitive data. Please can someone tell me where I store credentials for an external API and also how I can use something like environment variables to swap the stage/prod endpoint and stage/prod API key.

2 Replies 2

Welcome to the Airtable community!

Per this post, this post, and this post, Airtable stores credentials in global config.

4 - Data Explorer
4 - Data Explorer

Thanks, I went ahead with globalConfig and had to build a simple settings panel in to my app. It works nicely but it does mean all users of the app can edit these settings and potentially break something. Not sure if there is a more advanced way to restrict access. It works for now though.