Is storing API keys in cloud code secure?

[rihadavid]

Is it secure to explicitly write OAuth 2.0 client secret key in source code of a cloud code function? Is cloud code protected from public access?

Or how should I safely store secret key that I need to communicate with foreign API?

I am still developing my app on parse.com, but will move to Parse Server soon.

Thank you very much.

[hramos]

The source for the cloud code you write in your Parse Server should not be publicly visible when your server is deployed unless you're doing something very wrong. Closing as this is not an issue with Parse Server itself.

For implementation related questions or technical support, please refer to the Stack Overflow and Server Fault communities.