Learn how app keys work with Rownd code snippets, SDKs, and APIs.
The app key is a publishable value, meaning it isn’t intended to be private. You’ll use an app key in all of your user-facing code, such as React or Vue apps, websites, mobile apps, etc.
Each app key has an associated app secret that will be visible to you only once. App secrets are private values, meaning you should limit the number of people who have access to them. You should also take care to ensure they are not included in publicly visible configuration files, mobile app binaries, website deployments, and so on. They should exist only within your backend server environments or secrets manager.
You can revoke an app key and its associated secret at any time through the Rownd dashboard. Be careful, though! Revoking a key that’s still in use will likely result in downtime for your app. Ensure you generate new app keys and update your deployments with them before revoking existing keys.