Select to view content in your preferred language

How do we secure API Key when the application is deployed in public domain for everyone's use?

04-10-2023 09:21 PM
Occasional Contributor II

Hi All,

I would request information on how do we secure API Key. Our  app should be working on public domain, I understand we cannot set referrers in our case.

Any suggestions would be very helpful. 

Thanks in advance!

With Regards,

Vara Prasad

1 Reply
Occasional Contributor

You could setup a small proxy to handle the API key for the requests. This will hide the key (although without a referrer anyone could still access).

Esri does have sample code for a proxy, but the code is retired now as they recommend one of the following approaches (from esri github page for proxy) although some still rely on having a referrer:

0 Kudos