It is a unique identifier used to authenticate the API requests of a project.
Let's say you are consuming an API in your application which uses an API key. You would want to keep that key away from the reach of other people. If someone with a malicious intent gets hold of your API key, they could use it for their own personal chores and you might end up getting billed for something you did not consume. Even if it is not a paid API, you could face privacy and/or personal data leak. There are many security threats attached with unsecure API keys, make sure to read more about it.
It is a set of key-value pair, stored outside the program; in the server.
There are multiple use-cases for an environment variable, I will address them in context of a front-end application.
- As they are stored outside the program, they are safe from prying eyes and an attacker won't be able to just browse through your source code and get your API key.
Netlify is a San Francisco-based cloud computing company that offers hosting and serverless backend services for web applications and static websites.
To continue, you will have to host a website on Netlify first. You can do that for free as well. Click here to open Netlify.
If you already have a website hosted with Netlify, you can follow these steps:
You have successfully saved an API key as environment variable in Netlify.
Click here if you are interested to know how to access the API key (stored as environment variable in Netlify) in your front-end application using Serverless Functions.