How to hide environment variables when putting configuration file in plugin folder

ducnv_resolve · ‎09-19-2024

I am using Mapbox to create a new widget and add it as an add-on. I noticed that by placing the entire source code in the /plugins directory (including the file containing environment variables - config.js), anyone can access my token and source code. How can I prevent this from happening?

DRay · ‎09-23-2024

Hello @ducnv_resolve,

Thank you for reaching out here. I see that this question hasn't had a response yet, so I am reaching out internally to try and get you an answer.

David Raynor (DRay)

ILLIA · ‎10-17-2024

@ducnv_resolve Greetings

As it is all happening on front-end side, there are not much way of hiding the token, and in any case it will be possible to see it on a debugger on Mapbox related methods.
What you can try is to whitelist Sisense URL for that token to make it non-usable outside Sisense and therefore there will be no need to hide it.
Please check the article and let me know if you have any questions.
https://docs.mapbox.com/accounts/guides/tokens/#:~:text=You%20can%20make%20your%20access,from%20the%...

Best regards,

ILLIA

DRay · ‎10-22-2024

Hello @ducnv_resolve,

I’m following up to see if the solution offered by worked for you.

If so, please click the 'Accept as Solution' button on the appropriate post, that way other users with the same questions can find the answer. If not, please let us know so that we can continue to help.

Thank you.

David Raynor (DRay)

Sisense Community

How to hide environment variables when putting configuration file in plugin folder