php - Where to store API keys in WordPress?

Where can I store API keys in WordPress? I need to access them in the root directory of the site, and for some reason adding them to wp config makes them inaccessible in the root directory.

Answer

Solution:

There's a file called wp-config.php that's ordinarily in the root directory of a WordPress installation.

It's a PHP program, and has entries like these in it.

define('SECURE_AUTH_KEY',  '9LjsBztwN9VuM=Fl=V6h8lM1zF@&o=-6W]7`VLkIjZgbXYPx');
define('NONCE_KEY',        '*oc2{8Hj+nElTjL_Tf9#o2BC|y5kxRD+;&q_H3P+0v6MDeGM');

This is php code: in any WordPress code (plugin, theme) running in that installation you'll be able to use SECURE_AUTH_KEY constant. So, you could put your own

define('MY_API_KEY',  'whatever-whatelse-o2BC|y5kxRD+;&q_H3P+0v6MDeGM');

in there and then use your MY_API_KEY constant in any code you wish.

If you're managing an API with a plugin or other code, you can put your key into the database. From WordPress code that would be done with

update_option( 'MY_API_KEY', 'whatever-whatelseC|y5yadda-yadda-eGM', false );

and retrieved with

$key = get_option( 'MY_API_KEY' );

This is the sort of thing you'll do if your plugin's settings panel prompts the site owner for the key.

If you have wp-cli installed on your machine, a shell script running in the site's root directory can get the key this way.

wp db query "SELECT option_value FROM wp_options WHERE option_name = 'MY_API_KEY'"

If none of these choices work for you, perhaps you could update your question or ask another.

Source