Morioh
Login
Autumn Blick

Autumn Blick

3 years ago

This article is for the interest of those who have worked with API keys in Ruby or those who tend to do so. Devs who worked or who intend to work API keys in other languages may also benefit from this article.

First and foremost, I’d like to explain the meaning of API and hard coding:

API simply put as Application Programming Interface (API), is a toolset that programmers employ in software creation. A good example is the Apple (iOS) API that’s used to detect touchscreen interactions. APIs are sets of functions that allow applications to access data and interact with external software components, and operating systems

Hard coding is the software development practice of embedding data directly into the source code of a program or other executable objects, as opposed to obtaining the data from external sources or generating it at runtime.

Hence, hard coding API keys is simply the practice of embedding API keys directly into the source code of our applications or programs.

And by Encrypting API keys, I mean making them hidden and secure.

The dangers of leaving API keys hardcoded on our applications and/or projects built with Ruby are discussed below:

One of the many reasons why it’s completely improper to have API keys hardcoded on our applications and/or projects is;

One way that developers inadvertently expose their API keys is to hard-code them directly into the source code of their applications. For this reason, hard-coding keys from any API provider directly into the source code of their apps are widely considered to be a security flaw across the API, security, and developer communities. This is simply because it exposes one’s programs and its contents to security threats. Such programs or applications, its contents, and/or features are exposed to hackers and to everyone else whose intent is to gain unauthorized access and cause malicious damage to the apps or its contents.

Publicly exposing your API keys can result in your account being compromised, which could lead to unexpected charges on your account.

API keys are like the keys to your house or your car, therefore, it’s important to protect them to make sure they can only be used by the people and in the way you want.

#coding #security-of-api-keys #api #rest-api #api-security #api-keys #tech #ruby

All The Secrets Of Encrypting API Keys In Ruby Revealed

hackernoon.com

All The Secrets Of Encrypting API Keys In Ruby Revealed

This article is for the interest of those who have worked with API keys in Ruby or those who tend to do so. Devs who worked or who intend to work API keys in other languages may also benefit from this article. First and foremost, I’d like to...

1.25 GEEK