Security Bug with API key

Anybody can get the API key from Bolt Id.
API key can be seen in the source code of the html page.

In source code of html no need to write the api key just insert this part it will automatically take the api key “setKey(’{{ApiKey}}’,’{{Name}}’);”. If you want api key you can access it from bolt cloud api section(“”)

Hi @Rahulk15 ,
To solve this issue, you can create your own server/cloud functions, and instead of making requests to the BOLT cloud, you can send requests to your server and from there call the Bolt APIs and send the response back. You can add an authentication mechanism on your server so that only once you login, you can send a request to the server.

Let me know if you need any help in implementing any such thing.