Best Practice for storing settings and secrets

Where is the best place to store app settings, things like colour options and api keys?
I know I could place them in a table but I suspect that there may be a better way.

Unfortunately there isn’t.
If you use API keys or other secrets anywhere in your App, then they are potentially exposed.

For these sorts of things, the current best practice would be to use them outside of Glide, and push the data they provide in via the Glide API.

For example, if you’re making an authenticated API call that returns some data, use an Integration tool such as Zapier or Make, or build your own custom code column and host it on GitHub*.

For non-sensitive data that needs to be available globally, then storing it in the User Profiles table is a good choice. This is because the User Profile row can be accessed directly from anywhere in the App without the need to build relations and lookups, etc.

The issue of being able to securely handle things like API keys is something I’m hopeful that Glide may address later this year. They are certainly aware of this.

*actually, I’m not even sure if that would be a fully secure option. It could be that even with an externally hosted code column, the code is still downloaded and executed locally. This is something I’m not clear about.

1 Like

I think you are correct. GitHub isn’t processing code for all it’s users. It’s just storing the code and allowing you to import it into local projects where it’s ran locally.

1 Like

Yes, I managed to confirm that with Mark. All code columns are executed locally. So that’s definitely not a strategy for securing secrets.


Thanks for this Darren. This will affect how I design and implement apps with Glide.