Obfuscate API in backend

  • Resolved alexs4

    (@alexs4)


    3 months, 1 week ago

    It would be handy as we are unable to generate individual api from the oopspam website, to at least be able to obfuscate the api credentials when adding to a site, this way a client cannot then just take the api and add it to other sites. If would also be handy to be able to sever the connection to a site, if moved away to another provider.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author oalili

    (@oalili)

    3 months, 1 week ago

    Hi @alexs4 ,

    Unfortunately, there is no reliable way to hide the API key, as someone with admin access to the WordPress dashboard can still access the data.

    The current options are:

    1. Use the code ‘define( ‘OOPSPAM_API_KEY’, ‘YOUR_API_KEY’ )’ in your wp-config.php file to hide the API key from users.
    2. Assign non-admin privileges to hide the setting.

    Any reliable solution would require us to implement this on our end, which is on our roadmap.

    Thread Starter alexs4

    (@alexs4)

    3 months, 1 week ago

    ignore… thanks for the assistance

    • This reply was modified 3 months, 1 week ago by alexs4.
Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.