Skip to main content

Best Practices

  • Store secrets outside client-side code.
  • Rotate credentials on a regular schedule.
  • Scope keys to the minimum access needed.
  • Remove unused keys promptly.