How can I call a web service from a survey and keep security credentials hidden?

andypandyp Cambridge UKCommunity Member - Trial User Qubie ✭

How can I call a web service from a survey and keep security credentials hidden?

I am currently call my own custom API from within a web service in a survey. It all works fine but I am concerned about security. I am providing the API Key in the custom headers field and putting the literal value in the survey. This is inherently insecure as it makes the API Key visible to anyone who has access to the survey. What is recommended best practice in this area? Is there an alternative to the approach I have taken? I need to share the survey with others but have no visible security info embedded in the survey. How to do this? Any guidance much appreciated.

Tagged:
Sign In to Comment