Sign In Register

How can we help you today?

Start a new topic

Store Secret key without Node.js


I'd like players to register on my website for my game. However, at the moment my website is running on a shared server where Node.js can't be installed.

Usually I would store access data for database outside the root of mywebsite, i.e.:




How would I got about on calling the data in that file (in this case with the secret key) in the javascript key field:

     key:<YOUR API KEY>,
     onNonce: <HMAC FUNCTION>,

I haven't worked with Javascript before, so it's all pretty new to me.

Thanks for the help!

1 Comment

Hi Ilse,

For storing your Node secret, in the context of the tutorial, you would perform a REST request when the SDK init's in it's onNonce function. Here, you would fire a request to send the nonce to some server, and get back a response. It doesn't strictly have to be a Node server, as long as you can hit and endpoint and get back data it should work fine regardless.

Here is one such example using XMLHttpRequest (Note that this is blocking).


 function onNonce(nonce){ 

  return getHMAC(nonce);

 function getHMAC(nonce)
  console.log("Nonce: " + nonce)
  var xhttp = new XMLHttpRequest();
  var url = "http://localhost:9090/" + nonce;"GET",url,false);



   console.log("Resp: " + xhttp.responseText);
   return xhttp.responseText;


The logic on the Node side should simply allow for you to hmac the secret against the nonce. On Node this would look like:


crypto.createHmac('SHA256', apiSecret).update(nonce).digest('base64');


If you're working in a different server language then finding an alternative to this is the only real base requirement.


Login to post a comment