php - Where to store API keys in WordPress?
Where can I store API keys in WordPress? I need to access them in the root directory of the site, and for some reason adding them to wp config makes them inaccessible in the root directory.
Answer
Solution:
There's a file called wp-config.php
that's ordinarily in the root directory of a WordPress installation.
It's a PHP program, and has entries like these in it.
define('SECURE_AUTH_KEY', '9LjsBztwN9VuM=Fl=V6h8lM1zF@&o=-6W]7`VLkIjZgbXYPx');
define('NONCE_KEY', '*oc2{8Hj+nElTjL_Tf9#o2BC|y5kxRD+;&q_H3P+0v6MDeGM');
This is php code: in any WordPress code (plugin, theme) running in that installation you'll be able to use SECURE_AUTH_KEY
constant. So, you could put your own
define('MY_API_KEY', 'whatever-whatelse-o2BC|y5kxRD+;&q_H3P+0v6MDeGM');
in there and then use your MY_API_KEY
constant in any code you wish.
If you're managing an API with a plugin or other code, you can put your key into the database. From WordPress code that would be done with
update_option( 'MY_API_KEY', 'whatever-whatelseC|y5yadda-yadda-eGM', false );
and retrieved with
$key = get_option( 'MY_API_KEY' );
This is the sort of thing you'll do if your plugin's settings panel prompts the site owner for the key.
If you have wp-cli installed on your machine, a shell script running in the site's root directory can get the key this way.
wp db query "SELECT option_value FROM wp_options WHERE option_name = 'MY_API_KEY'"
If none of these choices work for you, perhaps you could update your question or ask another.
Source