-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Research: How to protect secrets in a Flutter
App? π
#82
Comments
https://www.google.com/search?q=secrets+in+flutter Went down a StackOverflow rabbit hole ... |
As you've mentioned in dwyl/auth#277 (comment), the reason the I'm aware that this issue stems from the I don't think there's a way to protect secrets on any |
@LuchoTurtle yeah, that's my understanding too. Glad we're on the same page. π The RLS in Having implemented various auth providers on previous front-end projects, E.g. The best post I've found on this is by Indeed, there is no way to perfectly conceal secrets in a So we just have to follow our own best practice. π |
Following on from the discussion in: dwyl/auth#277 (comment)
We need to understand if it's possible to do "secrets" in a
Flutter
App ... π π€·ββοΈIf we are deploying a
Flutter
Web
App
e.g: https://dwylapp.fly.dev/will any "secret" key that we include in it just be in the
main.dart.js
and thus readable by anyone. π
Opening this question as a research topic. π
I would like a definitive answer to this. β
How do Banks that need to protect an
API key
do it? π€·ββοΈDo they have a multi-step handshake process for sharing π€
a session-based one-time key with their
Flutter Web
App β³instead of including the an
API key
in their "bundle" (APK)? πThe text was updated successfully, but these errors were encountered: