My security and API keys

I’ve tried to find this information but have not been successful. If I create a public app are all my app settings shared with the person that makes a copy of it? I realize that any of my REST endpoints are exposed in the project so that would mean that if I include any private header information that is now exposed but what about the actual app settings like my Firebase information? I see Thunkable Pro in my very near future but I was hoping I still had a little time.

1 Like

Hi there,

Project settings such as Firebase API details will be hidden.

This is what people will see if they click on your project and don’t remix it:

And this is what people will see if they remix your project:


If you’re worried about API keys and REST endpoints with authentication in the blocks (not in the designer view), consider storing the sensitive information in firebase perhaps? (And then secure your firebase with a rule!)