Hi All,
My app is relying heavily on API integrations and custom plugins.
One of the issues I’m struggling with is storing the various API keys in a secure way.
Example
User Accounts upon generation get their own openAI project and openAI API key. The only place to store these API keys is in the database. Now I’m super careful to process all openAI requests server side (and of course ring fencing the keys with privacy rules between users) so that the API keys are not visible client side and never accross. All works fine but still think this is a 5 out of 10 from a security perspective… The API keys for example show up in the Logs etc. without any form of masking
Is there a way to set a field in the Bubble database to auto mask or whatever is needed so that these secrets are never disclosed apart from the specific encrypted transit situations?
**
Thanks!!!**