#burt

Hi, are yo asking if you can expose price_123 to your end customers?

yes

essentially

My end users accessing the web app access Items as with most e-commerce web apps, and I'm wondering if it's a security risk to store price_123 as an attribute of objects

GraphQL objects

Another way to explain would be this: My Items are stored in a NoSQL DB that is queried by my web app, and I intend to include price_id as an attribute

Yeap, they are find to be exposed as they won't be able to use that object id. (Unless they have your API key)

great thank you

To add to this - how should I store my keys?

I have them hard coded in my React app currently....