🚀
Dec '24 • General discussion
You're exposing your API keys in HTTP requests!! For beginners
Shared this on another automation group and it was well received so sharing it here for others to know:
It's critical if you're working on client projects, with client API keys that you're encrypting them properly using N8N credentials.
Non-encrypted API keys = someone intercepting and abusing your API key
I've seen a few POCs (AI agents with HTTP requests and general HTTP requests) demo'd now where API keys are added directly into the request headers and sent unencrypted in the request so I created a video to show how to properly encrypt them in N8N (and with agents) & why it's important
6
4 comments
You're exposing your API keys in HTTP requests!! For beginners
