Replies: 2 comments
-
Hey @simar7, thank you for those kind words 😄 Indeed having the keys in the frontend means anyone using the frontend could get the keys and use the search. First of all, you should use a You can read more about the public key on the documentation Let me know if anything is still unclear :) |
Beta Was this translation helpful? Give feedback.
0 replies
-
Perfect. That helps! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi all, first off – thank you for this amazing piece of software!
I was wondering are client apiKeys (for e.g. the apiKey used in the JS client) considered a secret? I guess if it's known to someone along with the endpoint and the index, they could perform unwanted queries.
A general question I have is how to keep the keys within the javascript client that's part of the frontend. Keeping it completely open (no master key) vs. keeping the key in plaintext (with master key) seems to be same scenario.
Maybe I'm missing something? Any thoughts?
Beta Was this translation helpful? Give feedback.
All reactions