How to Protect API Keys in Bubble When Working with Outside Developers

framefocusme · November 14, 2024, 6:20pm

Hi everyone,

I’m looking for advice on how to protect sensitive data, specifically API keys, when collaborating with external developers on Bubble.

Is there any way to prevent collaborators from accessing the Plugin section where these keys are stored? It seems that as long as someone has access to the app, they can view the API keys in the plugin settings.

If there’s no way to restrict access to this section, is the only workaround to change all API keys every time a new developer joins or leaves the project? Any tips or best practices for securely managing API keys in this scenario would be greatly appreciated!

Thanks in advance!

chris.williamson1996 · November 14, 2024, 6:29pm

Roll your keys after the job completion
Have them develop in an external app and copy it in

framefocusme · November 14, 2024, 6:53pm

Thanks for the feedback. Option 1 I’ve thought about. Option 2 as well, I am just not sure how well backend workflows copy over. It may be straight-forward. I just don’t know. I’ve been building solo and working with devs in bubble is slightly different than a code-based app.

ramzizi · November 14, 2024, 8:33pm

I feel like it would be a very easy thing for bubble to implement an option to hide API keys from collaborators

pachocastillosr · November 14, 2024, 8:44pm

Vote for this feature here

Topic		Replies	Views
Secure API keys in Bubble.io Need help	3	44	November 7, 2024
Outsourcing - how to protect information Questions	2	228	November 11, 2021
API KEY dynamic Plugins	3	218	July 22, 2024
Safest way to let other devs access my app?	2	507	August 30, 2016
Implement Bubble "Secrets" Idea	7	1205	December 23, 2022

How to Protect API Keys in Bubble When Working with Outside Developers

Related topics