Title: API Token Security
Last modified: December 8, 2023

---

# API Token Security

 *  [squarecandy](https://wordpress.org/support/users/squarecandy/)
 * (@squarecandy)
 * [2 years, 5 months ago](https://wordpress.org/support/topic/api-token-security/)
 * Hi!
 * Thanks for the amazing plugin.
 * Would you consider providing the ability to add the API Token for v6 via a wp-
   config.php definition?
 * Would be lovely to avoid storing it in the database in plain text and having 
   it available on the settings screen, even after it’s been entered.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [Matt Keys](https://wordpress.org/support/users/mattkeys/)
 * (@mattkeys)
 * [2 years, 5 months ago](https://wordpress.org/support/topic/api-token-security/#post-17263826)
 * Yes this is something I’m open to, and variations of this have been suggested.
   I do not have an ETA for the next version of this plugin currently.
 *  Thread Starter [squarecandy](https://wordpress.org/support/users/squarecandy/)
 * (@squarecandy)
 * [2 years, 5 months ago](https://wordpress.org/support/topic/api-token-security/#post-17263910)
 * Thanks for considering it! No timelines expected on a free plugin, just wanted
   to log the suggestion.
 * For kits intended for use on only one site, the security issue can be mitigated
   by restricting to a certain domain. But we have some cases where we want to keep
   it open so we can let a bunch of domains make use without having to login to 
   fontawesome.com and allow each one individually.
 *  Plugin Author [Matt Keys](https://wordpress.org/support/users/mattkeys/)
 * (@mattkeys)
 * [2 years, 5 months ago](https://wordpress.org/support/topic/api-token-security/#post-17264003)
 * FYI, I ended up spending some time on this tonight along with a few other updates
   I’ve been sitting on. It’s currently in version 4.0.7 of this plugin. I haven’t
   fully launched that version yet but it can be downloaded here:
 * [https://wordpress.org/plugins/advanced-custom-fields-font-awesome/advanced/](https://wordpress.org/plugins/advanced-custom-fields-font-awesome/advanced/)
 * Go to “ADVANCED OPTIONS” and download the “Development Version” if you are able
   to test it out.
 * It isn’t 100% what you asked for (a constant to be defined in wp-config). It 
   uses a WordPress filter to set this value, as well as potentially the kit token
   for people who want to preconfigure that as well.
 * From the changelog:
    - Added filter (ACFFA_fa_api_key) to allow for the ability to programmatically
      set the FontAwesome API key.
    - Added filter (ACFFA_fa_kit_token) to allow for the ability to programmatically
      set the FontAwesome kit token.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘API Token Security’ is closed to new replies.

 * ![](https://ps.w.org/advanced-custom-fields-font-awesome/assets/icon-256x256.
   jpg?rev=3435775)
 * [Advanced Custom Fields: Font Awesome Field](https://wordpress.org/plugins/advanced-custom-fields-font-awesome/)
 * [Support Threads](https://wordpress.org/support/plugin/advanced-custom-fields-font-awesome/)
 * [Active Topics](https://wordpress.org/support/plugin/advanced-custom-fields-font-awesome/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/advanced-custom-fields-font-awesome/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/advanced-custom-fields-font-awesome/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [Matt Keys](https://wordpress.org/support/users/mattkeys/)
 * Last activity: [2 years, 5 months ago](https://wordpress.org/support/topic/api-token-security/#post-17264003)
 * Status: not a support question