Question: How do I keep my API keys from becoming part of someone else's GitHub search? Answer: Storing API keys directly in your code is generally not recommended due to the potential security risks.

Much lip service is paid to protecting information in the Cloud, but the reality is often seat-of-the-pants Cloud security. Most organizations use some form of API keys to access their cloud services.

A developer needs to connect a service to an API. The documentation says to generate an API key, store it in an environment variable and pass it in a header. Five minutes later, the integration works.