Issue
I am trying to use the ipapi API (https://ipapi.com/documentation) to get the geolocation data of users and I have an API key which I will need to use to make the API call to get the JSON results.
In nodejs, we can use .env to store secret keys and access them with process.env.KEY_NAME. The same goes for servers such as Heroku and AWS, where we can store an API keys as config vars.
But for shopify, I can't seem to find out where to store secret API keys.
I have read some examples:
How to define global variables in Liquid? (this doesn't seem like the right thing to do as I want to store it as a secret and access it from another file).
https://devcenter.heroku.com/articles/config-vars (only for themekit/slate development).
Is it safe to just create another .liquid file and place all my secret keys there and just call it from another file?
Would appreciate if someone could point me the right direction.
Thank you!
Solution
You cannot hide secret API keys in Shopify. Instead, if you want to use a service that is secret, you can install your own custom App in the store, and use the App Proxy callback to call your App. Your App can then use secrets to make secret key API calls, and then that data is returned to the store front for use.
On the other hand, for something trivial like calling a geolocation service, you probably have the option to just call them with a public token assigned to your account, no secret. So you'd just use that, and not worry.
Answered By - David Lazar Answer Checked By - Pedro (PHPFixing Volunteer)
Posts
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.