Typeform form and question keys client-side security concerns | Community
Skip to main content
Question

Typeform form and question keys client-side security concerns

  • November 9, 2024
  • 2 replies
  • 34 views

Hello, Typeform community!

I am using the Typeform Vanilla JS embed library and had a question regarding Typeform form keys and reference IDs.

Are Typeform form keys sensitive in general? Is there any danger or security concern about my having the form ID in plain sight (i.e., a savvy user could open the browser developer tools and see the ID)?

Also, I am using the preselect feature to open the form in different states. Similar to the above, is there any security concern of having my question/answer IDs in plain sight?

Thanks!

2 replies

Liz
Community Team
Forum|alt.badge.img+5
  • Tech Community Advocate
  • 15018 replies
  • November 12, 2024

Tagging @mathio and @picsoung for any advice here!


mathio-tf
Typeform
Forum|alt.badge.img+5
  • Typeform
  • 888 replies
  • November 18, 2024

Hello ​@sofloweb.design 

if you are talking about form ID and question IDs / refs, there is no security concerns. Those values are available in the source code of the form itself, when it is rendered in the browser. Having them in your client-side code is completely fine.

What you should never include in any publicly accessible code are eg. API tokens.


Reply