APP_ID should be not exposed at all?

moomoo · September 23, 2020, 1:56pm

Hi I am using jQuery for chat/video call. APP_ID is required to initiate sendbird SDK.

And I realize that the APP_ID could possibly exposed to public. And is it ok for the security issue?

Or APP_ID must not be exposed at all?

In sendbird example code, I see the APP_ID variable is hard coded.

sendbird/SendBird-JavaScript/blob/master/web-sample/static/js/chat.js

var appId = '9DA1B1F4-0BE6-4DA8-82C5-2E81DAB56F23';
var currScrollHeight = 0;
var MESSAGE_TEXT_HEIGHT = 27;

var nickname = null;
var userId = null;
var channelListPage = 0;
var currChannelUrl = null;
var currChannelInfo = null;
var leaveChannelUrl = '';
var leaveMessagingChannelUrl = '';
var hideChannelUrl = '';
var userListToken = '';
var userListNext = 0;
var targetAddGroupChannel = null;

var isOpenChat = false;
var memberList = [];

// 3.0.x

This file has been truncated. show original

Thanks in advance!

imju · September 24, 2020, 5:01pm

App_ID is ok to be exposed however, the most critical part is master API key. The compromise of the master API key can make your data vulnerable. However, APP_ID is ok.

moomoo · September 29, 2020, 8:31am

Thanks for the kind reply

Topic		Replies	Views
Call SendbirdChat.init with different application id JavaScript	3	717	August 9, 2023
JS SDK Swallowing Errors JavaScript	5	463	August 21, 2023
Minified Javascript loaded does not expose Sendird JavaScript chatsdk	9	799	August 24, 2022
Invalid parameters , network error .. Getting this error in javascript chat sdk v4 group-channel , chatsdk	0	514	March 9, 2023
Not authorized File Message JavaScript chatsdk	53	5774	June 26, 2023

APP_ID should be not exposed at all?

Related Topics

Not finding what you need