I did some testing with Public keys on Plugins and hiding them with Privacy rules and Search related queries. It did seem to work and to hide the keys from the network tab. @lottemint.md I know you’re an expert at this field so perhaps correct me if I’m wrong but what it appears to me is that the keys are not exposed if we protect them with privacy rules.
Is that correct? Video demonstration follows below.
Yup. It looks right. Just be sure you don’t expose it accidentally when you work in the privacy settings.
Some cases may require encrypting such sensitive data as tokens.
One of the decryption code parts should be unique for each record, the main part on the app side as a private parameter. So before using actions related to this data, you need to decode it.
This flow provides the possibility to refresh the decryption code as you need (to escape cases when the end-user exposes tokens via Brower’s extensions).
But, not sure if it is required in your case.