How to safely store API keys in WordPress?

  • I am working on external API integration. The integration code is in functions.php file. There are some API related data such as API key and client secret key. What would be the safest way to save these? Is it okay to simply store them in the child theme’s functions.php file or would it be better to store them in the database using Advanced Custom Fields plugin?

Viewing 1 replies (of 1 total)

  • Hi @wrip

    WordPress stores all its keys in the wp-config.php file, so you can do it with your own keys at the bottom of the file. Something like this:

    define( 'MY_API_KEY', 'the-key' );
define( 'MY_API_CLIENT_SECRET_KEY', 'the-api-client-secret-key' );

    Have a nice day

Viewing 1 replies (of 1 total)
  • The topic ‘How to safely store API keys in WordPress?’ is closed to new replies.

Tags