dimanche 18 mars 2018

Securely saving API keys in database

We are implementing a web app where we want users to log in to our website and enter API keys that allows them to authenticate to website #2. We want to save the API keys to a database so that users only have to enter them once. What are the standard best practices for securely saving the API keys to the database such that we, the developers, can’t access them? Salt and hash? How do we make users feel at ease with providing our app with the API keys?




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)