I am currently programming a WebApp in which I need to use an API from a large company. I need to store my users' data for accessing the API somehow. How can I store my users' API keys in my database without them being used in case of a data leak?
I want the password to be linked to an account so that the user only has to enter the password once, even if they access the WebApp from different devices?
To be precise, I would need to store a username and password that can be associated with an account.
If i would encrypt the Password somehow i would really like to do it in PHP, so that everything is happening on my Servers.
I thought about encrypting the data for the API with the User Password of my WebApp but even with that i don't know how i would do that in PHP.
Addition 02.11.2022
The API (which is a school-timetable-app) doesn't use Keys, it uses the Login Credentials (Password and Username), with which the users even login to the application. The API is just an readout of the school-timetable-app.