How to keep API keys secure

BrandonBrandon Member Posts: 1

Hi, I am working on building a mobile phone app in C# that will allow customers to browse our online store and make purchases. My question is, if the API keys are required to access any category/product information, that means the phone app will technically have the API keys stored in it and therefore every customer will theoretically have them too. How do I keep them secure?

Tags:

Answers

  • bpmbpm Member Posts: 10

    My choice would be to let your app communicate with a webservice of your own. The webservice can do all the communication for you, thus keeping those credentials secure. You just need to think of a way to authorize your app to have access to your webservice.

Sign In or Register to comment.