DEV Community

Discussion on: Building a SaaS Product in Public - Update 1

Collapse
 
rafaelrozon profile image
Rafael Rozon

Very often env variables have sensitive information. How are you planning to handle that?
Nice problem to solve, btw.

Collapse
 
ajones_codes profile image
Andrew Jones

Thank you!

In terms of securing access to the service, at the moment I'm planning on the request for the env vars require an API key, which the user could keep in their local .env. The benefit is that there could be one unchanging API key per user, so teams don't need to sync that variable, and the service will do the rest.

In terms of what to do with the env vars after the service pulls them to a user's local, I'm thinking of writing them to a gitignored .env.sync file or something along those lines.