Jump to content



Recommended Posts

See https://github.com/MetaTunes/GoCardlessConfig

I built this little module to hold some API keys for GoCardless as I wanted them to be accessible by superuser but without having access to underlying files and code. I'd be interested in views regarding the security of this approach. I realise that there are more secure ways of holding API keys, but a balance has to be struck between usability and security.

To avoid inadvertent disclosure or amendment, it requires the superuser to re-enter their password to access the keys.

It could easily be amended to hold other types of keys, if that is useful to anyone. Any improvements are also welcome!

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...