DEV Community

Cover image for How to Secure API Token
Mahesh Sv
Mahesh Sv

Posted on

How to Secure API Token

#todayilearned #security #github

If you are into this tech world for a while. I'm sure you heard about the word API. API is Application Program Interface. For example, Google has API which gives user details access to third party softwares. So basically API acts as bridge to pass secure information to authenticate third party softwares. To authenticate this third parties API token is required.

Many contributors use this API tokens to create some unique products like creating Telegram Bot, Slack Bot. Although product was built successfully. Contributors get recognised by showing their code to Dev Community. To do that they need to secure the API token before they publish it to github.

Table of Contents:
Securing API tokens on Windows
Securing API tokens on Github
Securing API tokens on Heroku

Securing API tokens on Windows:

To secure API token you need to define them in the environment variables.

  1. Search the Environment Variables you will find Edit the Environment variables, open it. you will find these Alt Text

  2. Then go to Environment Variables. Click on the New button then add the api token with some variable name and note the variable name
    Alt Text

  3. After adding this Variable then Restart it.

Now you can use this API token across any code in your local system.

Securing API tokens on Github:

  1. First upload your Repo in the GitHub. Open the Your Repo Settings tab as shown below.

Alt Text

  1. Then open Secrets on the left side as shown in above picture.

  2. Then add new Secret with Var name and API token.

  3. Now this variable works across the Repo.

And Secret Variable won't disclose to any other users or third parties by GitHub.

Securing API tokens on Heroku:

In heroku you can do this in two ways either through Heroku CLI or Dashboard.

Heroku CLI

  1. Open cmd and login to Heroku with Heroku login
  2. Go to your Project Folder
  3. Then use this command heroku config:set S3_KEY=8N029N81 S3_SECRET=9s83109d3+583493190

Alt Text

Now you can use variable name anywhere in the Project

Heroku DashBoard:

  1. First Create app in the Heroku
  2. Goto App settings tab
  3. Goto Config Vars and add your API tokens Alt Text

This is it. Hope this post is helpful to you!
If you like my post like it, Share it and if you have a doubt comment down below ๐Ÿ‘‡
Contact me: LinkedIn ยท GitHub

Top comments (0)

Read next

programmerbyday profile image

Top 5 Online Markdown Editors (2024)

Arman @programmerByDay -

schalkneethling profile image

7 Frameworks, One SAML Jackson - Your Open Source Single Sign-On Solution

Schalk Neethling -

jeevanvj profile image

Dynamically Populating Parameters in Manual GitHub Action

jeevan wijerathna -

logeshn21 profile image

COMMON VULNERABILITIES: REENTRANCY PART โ€” I

Logesh N -