In this meeting, the participants discuss the issue of API key security and the importance of keeping sensitive information secure. They mention that anything sent to the front end, such as a web browser or app, should be assumed insecure and readable by malicious actors. They emphasize the need to store API keys securely, such as in a controlled vault or back end system like Xano. The participants also discuss the use of cookies or similar authentication methods to handle requests and ensure security. They mention that well-behaved e-commerce systems wait for the user to accept cookies before sending out data. The meeting ends with one participant expressing curiosity and gratitude for the helpful information provided.
(Source: Office Hours 2/23 )
