python - How to handle sensitive configuration information when deploying app-engine applications?


Example: I have an application that needs to access an API by providing an authentication token:

myapi = myapi(token=my_private_sensible_token) 

I want to avoid having the private token in a configuration file that is part of the project.

One solution that comes to mind is to isolate the interaction with the service in a separate proxy application, maintained by a restricted number of authorised people. App Engine allows protecting handlers with authentication, so it is easy, in the proxy, to allow only calls coming from the authorised App Engine consumer application.

The different solutions I can think of, at some point, make the private token available in the consumer application's memory, which would allow a malicious user (one that maintains the consumer) to write a handler that prints out the secret token in some fancy way after the application has retrieved it.

Do you have better suggestions?
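As an added example (not code from the question or any answer), here is a minimal WSGI proxy handler for the design described in the question: the token lives only in the proxy, and the proxy serves only allow-listed consumer apps. It assumes the App Engine behaviour that app-to-app URL Fetch calls carry an X-Appengine-Inbound-Appid header that is stripped from external requests; the app ids and call_upstream_api are constructed stand-ins.

```python
import io
import json
import os

# Constructed sample values: only these App Engine app ids may use the proxy.
ALLOWED_CONSUMER_APP_IDS = frozenset({"my-consumer-app", "my-staging-app"})

# The token is read from the proxy's own environment (assumed variable name);
# it never appears in the consumer app's code or config.
PRIVATE_TOKEN = os.environ.get("MYAPI_TOKEN", "placeholder-token-not-a-real-secret")


def call_upstream_api(token, payload):
    """Stand-in for myapi(token=...).call(...); a real client would go here."""
    return {"ok": True, "echo": payload}


def caller_app_id(environ):
    """App Engine sets X-Appengine-Inbound-Appid on app-to-app URL Fetch calls
    and strips X-Appengine-* headers from requests arriving from outside, so an
    external client cannot forge it (assumption about platform behaviour)."""
    return environ.get("HTTP_X_APPENGINE_INBOUND_APPID", "")


def proxy_app(environ, start_response):
    if caller_app_id(environ) not in ALLOWED_CONSUMER_APP_IDS:
        # Unknown or missing caller: refuse before the token is ever used.
        start_response("403 Forbidden", [("Content-Type", "application/json")])
        return [json.dumps({"error": "caller not authorised"}).encode()]
    length = int(environ.get("CONTENT_LENGTH") or 0)
    body = environ["wsgi.input"].read(length) if length else b"{}"
    # Note: an authorised consumer can still *use* the API through the proxy;
    # what it cannot do is read the token itself.
    result = call_upstream_api(PRIVATE_TOKEN, json.loads(body.decode()))
    start_response("200 OK", [("Content-Type", "application/json")])
    return [json.dumps(result).encode()]


def make_environ(app_id, body=b""):
    """Build a minimal WSGI environ for a request claiming to come from app_id."""
    env = {"CONTENT_LENGTH": str(len(body)), "wsgi.input": io.BytesIO(body)}
    if app_id:
        env["HTTP_X_APPENGINE_INBOUND_APPID"] = app_id
    return env


def handle(environ):
    """Run proxy_app on environ and return (status, parsed JSON body)."""
    captured = {}
    body = b"".join(proxy_app(environ, lambda s, h: captured.setdefault("status", s)))
    return captured["status"], json.loads(body.decode())
```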

Another possible approach is to have 2 copies of the app (actually 2 different apps that happen to have the same code), each with its own app_id, config file(s), etc.:

  • one for development/staging, accessible to the larger development team
  • one for production (possibly cloned/forked from the same SCM repo, maybe a private branch?), accessible to trusted devs only, with the contents of the config file overwritten/updated at production deployment

Such a setup can offer additional benefits besides restricting access to the production credentials, for example:

  • the ability to use a CI system that includes automatic deployment to an environment very close to production
  • tighter control of production deployments
