Forum Discussion
How to securely integrate ChatGPT into a Storyline project?
I've been looking into how to integrate ChatGPT into Storyline to simulate conversations and have become aware of the issue that the API key is visible to users via the browser console.
The solution to this, I have read, is to use a second server. Does anyone have any experience with this and can explain to me how it would be done with an LMS?
Thank you!
- NedimCommunity Member
Rule #1: Never expose your API key in frontend code (e.g., JavaScript running in the browser) or on the client side. No more rules.
Instead, route all API calls through a secure backend server where the key is stored securely. I recall a friend of mine mentioning that he used the "dotenv" package in a Node.js environment running on his server to load environment variables from a .env file. This file would securely holds your API keys, preventing it from being exposed in the code. I’m not an expert in this area, so I may not be able to offer much help. However, you can find more detailed instructions online on how to integrate it to run on the server. Hopefully, someone with more experience will weigh in with additional options.- TereSiaCommunity Member
Thank you! This is a start, I'll try to find more detailed instructions with the information you've given me :)