Where should access tokens be stored?
Options
Andrefk
Community Member
Hello,
I just set up a connect server, and was unsure of what to do with the access token. Is it safe to store it in source code now that all requests have to go through the connect server? Where else should i store it? This would be for both prod and dev environments.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
0
Comments
-
Definitely never store your access token in source code.
An ideal / typical setup is that you keep your access token in a normal vault (whereever you keep your other logins, etc...)
Whenever you run your code, you set an ENV variable (PWD_TOKEN or something like that) and pass it to your code as an environment variable
0
This discussion has been closed.