Skip to main content
All CollectionsAdvanced
Environment Variables
Environment Variables

A more secure way to handle API keys

Justin Yan avatar
Written by Justin Yan
Updated over a week ago

Introducing 'Environment' variables, a feature designed to keep sensitive information like API keys secure in Frontly. With this update, you can now safely store and use API keys without exposing them on the front end of your app.

This feature is exclusively available for the Webhook action, providing a more secure way to pass credentials when integrating with third-party services.

What Are Environment Variables?

Environment variables allow you to store sensitive data securely and reference it within your app without hardcoding it into requests. This ensures that API keys and other credentials are not exposed to users or client-side code, improving security.

With this feature, instead of directly adding an API key to a URL or request header, you can use an environment variable placeholder like this:

https://api.example.com/data?api_key={{ env.my_api_key }}

How to Set Up Environment Variables in Frontly

  1. Find to Security Settings

    To begin, go to Frontly’s Advanced Settings page. Within this section, you will find the Environment Variables feature, which allows you to securely store and manage API keys and other sensitive data.

  2. Add a New Environment Variable

    Once in the Security Settings, click 'Add Variable' to create a new environment variable. Give it a recognizable name, such as test_api_key, and enter the corresponding API key or secret value. This ensures that the sensitive information remains securely stored and accessible only within the backend.

  3. Use the Variable in a Webhook Action

    Now that your variable is set up, you can reference it inside a Webhook action. Instead of manually inputting an API key in your URL, headers, or request body, use the variable by including {{ env.variable_name }} where needed. For example:

    • In the URL: https://api.frontlyapp.com/test?api_key={{env.test_api_key}}

    • In Headers: Set the api_key header to {{ env.test_api_key }

    • In the Request Body: { "api_key": "{{ env.test_api_key }}" }

  4. Save & Test

    After configuring the Webhook action with the environment variable, save your changes. Then, trigger the webhook to ensure that the variable is correctly applied and securely passed to the request.

Why Use Environment Variables?

Improved Security: Prevents sensitive credentials from being exposed in client-side code.
Easier Management: Store and update API keys in one place without modifying multiple requests.
Reduced Risk of Leaks: Ensures API keys are only accessible on the backend where they are needed.

If you have any questions or feedback, feel free to reach out to our team or visit our community forum for discussions with other Frontly users.

Happy building!

Did this answer your question?