I am using meteor to build an app, which needs to call a 3rd party REST API. I have to authenticate to that API vial my credentials (username:password).
I only need to access the API from the Server, so I wrote a function which is in my /server directory.
Currently I have defined my credentials in a variable AUTH = “username:password” (in the same file containing the function) which is used in the HTTP request.
My question is, whether it is OK that I store my credentials in that file, which should not be accessable from the client (= user), or whether there is a better way to store my credentials I need for a 3rd party API call?
Thank you and best regards.