0

I'm new with this, so this might be a stupid question for some of you but it's not for me, ok?

We have a console app which will be running in a external machine, this console app has our API Key to call our functions in Azure.

The API key right now is stored in an appsettings.json file in clear text. Is there a way to encrypt that using PGP or anything else?

I did some research and the things I find wasn't related with API.

Thanks :)

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
miguelito
  • 111
  • 1
  • 10
  • 1
    Is the console app running in Azure? Azure Key Vault would be the way then... – Jokkeri May 25 '22 at 06:17
  • The Console App developed using Visual Studio, and it uses the API Key to call some functions on Azure. – miguelito May 25 '22 at 07:53
  • 1
    I think there is no definitive answer for your question but only best practices... In the end you must have something to decrypt the key with, so even if you PGP the API-key, you will need to store the PGP-key somewhere. Internet has endless discussion about this: https://www.google.com/search?q=API+Key+Management+Best+Practices Some kind of cryptographic vault might be your solution... I think Windows servers has some kind of internal vault too. – Jokkeri May 25 '22 at 10:58

0 Answers0