API JSON Tutorial (Video)

Hi Tatiang, Thank you for the WebAPI intro. I hope you can elaborate on security.
I watched all of @darren videos on this topic and the 10 or so videos by @simran that popped up here: Any tips for working with the WebAPI component? - #11 by domhnallohanlon
In one video (the Yelp one) the key is pasted in the WebAPI form. It’s not clear if that form is encrypted in the compiled app.
I am trying to understand if Thunkable supports methods to hide API keys and other portions of the URL string.
You briefly touch on this in the video (around the intro to JSON), but didn’t finish the thought.

I want to make an app that does not require login, nor firebase. I am thinking of using a stored variable.
The user would enter the key the first time the app runs.
From what I have read, the stored variable is local to the device and does not travel with the shared app.
In other words, I don’t want someone decompiling my app and find the key in the code.
I tried decompiling my own app, but I cannot find my code in the myriad folders of the APK file.

I am still learning about security and started reading about Bearer and OAuth stuff… very convoluted.
It seems that stored variables would avoid me getting into complicated topics on Bearer, OAuth… my head hurts.

Thanks,
Pescatore

1 Like