+ Start a Discussion
ColoradoMikeColoradoMike 

Safe to include encryption keys in Apex within a managed package?

I'm pretty sure the answer to my question is "yes", but let me throw it out there to see if anyone has a better recommendation.

 

I'm working on an application that will be available on the AppExchange that integrates with various Amazon Web Services.

 

Within the Apex code, I need to include my Amazon access key and encryption key into the code so it can access some resources.

 

Since the Apex code will be in a managed package, I know that the source code is not accessible by a customer, so it should be okay that I leave my access key and encryption key within the code, right?  Does anyone have a better suggestion?

 

Essentially, can I trust that the source code isn't accessible by anyone but me?

 

Mike