Apex Code Development You need to sign in to do that
Don't have an account?
Sachin_K Regarding the custom settings in managed package
Hi,
We have developed a managed package for App Exchange but kept the custom settings as public so that admin can have access to it. We are storing the api keys in the custom settings but no username or passwords. will it amount as threat in security review.
Aprreciate the help here.
Thanks,
Sachin
Yes - There is a whole section on security.force.com that talks about how to handle this: http://wiki.developerforce.com/page/Secure_Coding_Storing_Secrets
I recommend using a protected custom setting and having your managed code insert/update the data in the custom setting.