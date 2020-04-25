Skip to content
Discussing encryption of secrets in Sanity Studio for external API calls

4 replies
Last updated: Apr 25, 2020
Hello. Sanity studio is totally client side so if I need a secret (e.g. for an external api call) it will be visible in js build, even for not logged user just checking in the build file. I think the best could be to encrypt a variable (or a file maybe) that could be decripted only by sanity authenticated user, any way for doing that? An encrypt / decreypt function that is executed on sanity servers using a project key accessible only by project users would be awesome for my case
Apr 25, 2020, 6:54 AM
Or you could do as we do with the Mux input plugin, namely save the secret in a document whose 
_id
is on a path, and thereby not accessible for non-authenticated uses: https://github.com/sanity-io/sanity-plugin-mux-input/blob/master/src/actions/secrets.js
Apr 25, 2020, 6:58 AM
Ok, interesting. It would work only for private dataset, right?
Apr 25, 2020, 7:00 AM
Nope, it works for public as well. Same logic as 
drafts.
 https://www.sanity.io/docs/ids
Apr 25, 2020, 7:00 AM
Ok great! i'll study that, thanks
Apr 25, 2020, 7:02 AM

