Hello, when I send the password reset link to the user, my project’s web API key is written from the password reset link, can’t the users steal the databases in my database?
@yusufcihan @Anil_M @The_K_Studio
Hello, when I send the password reset link to the user, my project’s web API key is written from the password reset link, can’t the users steal the databases in my database?
Even without the password reset link, the API key is already including in the packaged application. You can protect your database using Firebase Security Rules.
How can I protect it? is there something that explains it?
Also, can I remove the api in the password reset link? is there a way from the link?
I don’t use Firebase, so I don’t know, sorry.
thank you for your help have a nice day
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.