Scanner Rule
Exposed API Keys
What is this?
Hardcoded API keys inside client-side bundles can be scraped by anyone and used to impersonate your app, bypass billing, or access external services — causing financial or data loss.
How Igris Radar detects it
The Igris Radar scanner automatically flags Exposed API Keys during its comprehensive audit of your web property. We simulate real-world crawlers and attack vectors to find issues before they impact your business.
Scan your site for this issue