[Security] Store board id into client side application

Is it okay for storing Trello board id into client side application as public information, anyone with or without access (3P client side app) able to see this information.

What would be the reasoning for showing this information to “anyone” (assuming this means everyone)?

If have had to, I would hash it in some way, so it is not translatable back to a Trello board ID in any way but also not keep it or store it for very long.

The Trello guidance is if it can in any way be tried by to an individual, be careful. And a board ID can be reverse engineered to get a link to access a possibly shared/public board where someone can determine the person that made the board, ergo the persons information.

https://developer.atlassian.com/cloud/trello/guides/compliance/personal-data-storage-gdpr/

1 Like