Typeform form and question keys client-side security concerns | Community
Skip to main content

Hello, Typeform community!

I am using the Typeform Vanilla JS embed library and had a question regarding Typeform form keys and reference IDs.

Are Typeform form keys sensitive in general? Is there any danger or security concern about my having the form ID in plain sight (i.e., a savvy user could open the browser developer tools and see the ID)?

Also, I am using the preselect feature to open the form in different states. Similar to the above, is there any security concern of having my question/answer IDs in plain sight?

Thanks!

Tagging @mathio and @picsoung for any advice here!


Hello ​@sofloweb.design 

if you are talking about form ID and question IDs / refs, there is no security concerns. Those values are available in the source code of the form itself, when it is rendered in the browser. Having them in your client-side code is completely fine.

What you should never include in any publicly accessible code are eg. API tokens.


Reply