
I developed a small Python program hosted on my company's on-prem Windows server. The program involves an API call using a private token generated for me. I stored the Python source code in plain text, but I don't want my token to be stored as raw plain text, which may cause billing issues, just in case the server administrator abuses it.

My question is: how and where (ideally on the local machine) should I securely store the API key so that no one but I can access it?

  • This question should be on Super User, as it is an OS question. This site is for programming-related questions. With that being said, you can turn encryption on for a folder when logged in under your account, and then put your key in that folder. No one (including administrators) can access the encrypted data in that folder. – Ken White Jan 15 '22 at 00:20
  • @KenWhite Thanks for the comment. I'll try to implement it :) –  Jan 15 '22 at 00:29
  • In Windows 10, create the folder you want to encrypt, right click it in Explorer, choose Properties, and then Advanced. Encryption is the last checkbox at the bottom. – Ken White Jan 15 '22 at 01:55
  • Protecting a private API token in scripts is IMHO a StackOverflow question (even if there is no real solution, there are a lot of similar questions on SO for different programming languages). The migration just shows that the people who migrated it have not understood the question (effectively the question is how to disallow a user to view the script source code). – Robert Jan 15 '22 at 12:19
  • @KenWhite EFS is transparent encryption and does not prevent the user from viewing the saved data, but this is the actual question of o_yeah: How to distribute a script with a secret so that the users executing the script cannot view the secret. – Robert Jan 15 '22 at 12:21
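
The folder-encryption suggestion from the comments, as an added example that is not code from any participant in this thread: a loader that reads the token only when the file carries the Windows EFS attribute, so a copy that has lost its encryption is rejected. The path and function names are assumptions; as the last comment notes, EFS is transparent, so the account that runs the script still sees the token in plaintext and this check confirms at-rest encryption only.

```python
import os
import stat
from pathlib import Path

# Hypothetical location: a folder encrypted through Properties > Advanced,
# as described in the comments. Path and function names are assumptions.
TOKEN_PATH = Path.home() / "secrets" / "api_token.txt"


def is_efs_encrypted(attributes: int) -> bool:
    """True when the Windows file-attribute bits include the EFS flag."""
    return bool(attributes & stat.FILE_ATTRIBUTE_ENCRYPTED)


def load_token(path: Path = TOKEN_PATH) -> str:
    """Read the API token, failing closed if the file is not EFS-encrypted.

    st_file_attributes exists only on Windows; elsewhere it is treated as 0,
    so the check fails and no token is returned.
    """
    attributes = getattr(os.stat(path), "st_file_attributes", 0)
    if not is_efs_encrypted(attributes):
        raise PermissionError(f"{path} is not EFS-encrypted; refusing to read the token")
    token = path.read_text(encoding="utf-8").strip()
    if not token:
        raise ValueError(f"{path} is empty")
    return token


if __name__ == "__main__":
    try:
        token = load_token()
    except (OSError, ValueError) as exc:
        raise SystemExit(f"token unavailable: {exc}")
    # Pass the token to the API client here; never print or log it.
    print("token loaded, length", len(token))
```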

0 Answers