Stack Overflow
Stack Overflow

Questions tagged [api-key]

An application programming interface key (API key) is a code passed in by computer programs calling an API (application programming interface) to identify the calling program, its developer, or its user to the Web site.

An application programming interface key (API key) is a code passed in by computer programs calling an API (application programming interface) to identify the calling program, its developer, or its user to the Web site. API keys are used to track and control how the API is being used, for example to prevent malicious use or abuse of the API (as defined perhaps by terms of service).

1021 questions
414
votes
14 answers

Best practice for storing and protecting private API keys in applications

Most app developers will integrate some third party libraries into their apps. If it's to access a service, such as Dropbox or YouTube, or for logging crashes. The number of third party libraries and services is staggering. Most of those libraries…
Basic Coder
  • 9,053
  • 5
  • 39
  • 71
141
votes
3 answers

How do API Keys and Secret Keys work? Would it be secure if I have to pass my API and secret keys to another application?

I am just starting to think about how api keys and secret keys work. Just 2 days ago I signed up for Amazon S3 and installed the S3Fox Plugin. They asked me for both my Access Key and Secret Access Key, both of which require me to login to…
Lance Pollard
  • 66,757
  • 77
  • 237
  • 416
128
votes
8 answers

Adding an .env file to React Project

I'm trying to hide my API Key for when I commit to github, and I've looked through the forum for guidance, especially the following post: How do I hide API key in create-react-app? I made the changes and restarted yarn. I'm not sure what I'm doing…
Biii
  • 1,321
  • 2
  • 7
  • 8
112
votes
6 answers

What is an API key?

I see this word in almost every cross service application these days. What exactly is an API key and what are its uses? Also, what is the difference between public and private API keys.
OrangeRind
  • 4,618
  • 12
  • 42
  • 56
103
votes
10 answers

Googlemaps API Key for Localhost

How do I get Google Maps API key to work on localhost? I've created an API key and under referrers I add the following: Accept requests from these HTTP referrers (websites) (Optional) Use asterisks for wildcards. If you leave this blank, requests…
adam78
  • 8,002
  • 17
  • 68
  • 154
101
votes
5 answers

What's the best approach for generating a new API key?

So with lots of different services around now, Google APIs, Twitter API, Facebook API, etc etc. Each service has an API key, like: AIzaSyClzfrOzB818x55FASHvX4JuGQciR9lv7q All the keys vary in length and the characters they contain, I'm wondering…
Phill
  • 17,067
  • 6
  • 53
  • 99
100
votes
5 answers

Why use an API key and secret?

I came across many APIs that give the user both an API key and a secret. But my question is: what is the difference between both? In my eyes, one key can be enough. Say I have a key and only I and the server know it. I create a HMAC hash with this…
EsTeGe
  • 2,613
  • 5
  • 26
  • 41
93
votes
4 answers

Using secret api keys on travis-ci

I'd like to use travis-ci for one of my projects. The project is an API wrapper, so many of the tests rely on the use of secret API keys. To test locally, I just store them as environment variables. What's a safe way to use those keys on Travis?
user94154
  • 15,244
  • 19
  • 74
  • 113
81
votes
5 answers

Place API key in Headers or URL

I'm designing a public API to my company's data. We want application developers to sign up for an API key so that we can monitor use and overuse. Since the API is REST, my initial thought is to put this key in a custom header. This is how I've seen…
Thomas Ahle
  • 28,005
  • 19
  • 77
  • 105
81
votes
2 answers

How do I securely use Google API Keys

So I am using the Google Maps API on my first project that I am doing... So yes I am new and I am sorry if this is basic or obvious but I haven't been able to find a clear answer or direction. Below is the documentation I found from Google about…
Jack O
  • 865
  • 2
  • 8
  • 9
76
votes
5 answers

How does Google Maps secure their API Key? How to make something similar?

Currently Google requires you to create an API Key that is specific to the domain of where the map will be served from. How does Google enforce this? I want to do the same thing. I expose an API for my service but want to allow clients to embed…
Vyrotek
  • 5,110
  • 5
  • 45
  • 66
75
votes
10 answers

How do I hide API key in create-react-app?

I made a weather app in create-react-app. How do I hide the API key so that I can commit to GitHub? Right now the key is in App.js: const API_KEY = "123456";
E. Choi
  • 763
  • 1
  • 6
  • 7
59
votes
1 answer

Web API creating API keys

I'm interested in creating API keys for web.api and allowing clients to communicate with API using the API keys rather than authorization web.api provides. I want multiple clients to be able to communicate with the web.api. instead of creating…
DarthVader
  • 46,241
  • 67
  • 190
  • 289
58
votes
5 answers

What's the API Key for in Google Maps API V3?

In the older version of the API, I'd have to insert the javascript into the page using something like this for just basic functionality to work: http://maps.google.com/maps?file=api&v=2&key=GoogleMapsAPIKey Where I had to configure the API key for…
Brandon
  • 65,640
  • 30
  • 189
  • 218
49
votes
2 answers

How to open-source an application that uses API keys

For a pet project, I develop a desktop application which requires API keys from several different webservices. I've been going through and preparing this application to become open-sourced and run across the problem of what to do with those…
callingshotgun
  • 743
  • 2
  • 8
  • 17
1
2 3
68 69