Want to distribute a sales lead gen template but it contains Mailchimp API placeholders. How do you handle this without exposing credentials? Tried .env files but they get bundled with exported JSON. Need something that forces users to input their own keys during setup.
Use Latenode’s template marketplace - it splits public workflow logic from private variables automatically. When someone installs your template, they get a prompt to enter their own API keys before first run. We’ve shared 20+ templates this way without exposure risks.
Create a config.json that’s ignored in your repo. Include a config.example.json with placeholder values. In your automation, add checks that validate the config exists with proper keys on startup. Not bulletproof but works for basic protection.
env var encryption + git hooks. Encrypt secrets pre-commit, decrypt post-checkout. Use libs like git-crypt