Should I hide API endpoint located in package.json as proxy

Question

This is a newbie question. I'm currently working on a twitter clone and added my firebase API endpoint to package.json to use with axios.

"proxy": "https://europe-west1-APPNAME-RANDOMNUMBERS.cloudfunctions.net/api"

Before pushing my code to Github, should I hide the endpoint? If yes, how can I do that? For other types of sensitive data, I have a git-ignored config file but I'm not sure about how to fix this one.

score 0 · Accepted Answer · answered Aug 08 '20 at 22:24

0

No, they will be able to see this when they use your website.

answered Aug 08 '20 at 22:24

Paul McLoughlin

2,279
2
18
24

score 0 · Answer 2 · answered Aug 08 '20 at 22:25

0

Is it safe to expose Firebase apiKey to the public?

This should answer your question :)

The Key ist just an Identifier for the App, not the User of the App himself.

answered Aug 08 '20 at 22:25

NyghtX

1
2

I know, thats what It says in the first Answer. The question just calls it an API Key :) – NyghtX Aug 08 '20 at 22:27

Should I hide API endpoint located in package.json as proxy

2 Answers2