should I hide my fcm details, like: apiKey, authDomain, projectId, storageBucket, messagingSenderId, appId, measurementId and vapidkey

Question

I've these details, exposed to many websites developed for me by me.

I use these to try sending notifications to my users/subscribers. But I was thinking if someone evil gets these key, what can they do.

const firebaseConfig = {
  apiKey: '----xxxx--------',
  authDomain: '----xx-----',
  projectId: '---x-----',
  storageBucket: '----x----',
  messagingSenderId: '----x----',
  appId: '---x----',
  measurementId: '---x----',
};

initializeApp(firebaseConfig);

const vapidkey = '--xxxx--';

score 2 · Accepted Answer · answered May 20 '22 at 09:42

2

There is no problem, indeed is needed to comunicate with yout service. You can take a look a this response:

https://stackoverflow.com/a/38860737/7414755

answered May 20 '22 at 09:42

Rober

71
1
5

should I hide my fcm details, like: apiKey, authDomain, projectId, storageBucket, messagingSenderId, appId, measurementId and vapidkey

1 Answers1