I have recently made a plugin that generates Roblox Code using Open Ai but I’m not sure how to protect my Api Key from getting leaked. Any tips or ways that I can use to protect it?
1 Like
Just don’t send it to people.
So don’t put it in a LocalScript or any ModuleScript that gets replicated to clients, and don’t send the key through RemoteEvents or RemoteFunctions.
Is that it? do I not have to work with Proxy Urls and stuff?
The URL might be secret, for example if it contains the API key then you need to do use it securely. AFAIK it shouldn’t be necessary to do anything special if you’re sending over HTTPS but I’ve no idea if HTTPService does that.
You do since you are making a plugin. Everyone who downloads your plugin will get all of its source code, including api key.
3 Likes
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.