I have my api calls coming from secure server side code. However the rate limit of 40 calls per 10 seconds per IP address is likely to cause issues. To overcome the problem we discussed moving the API call into Javascript on the client. But that will expose the API key.
Any advise here? It seems the way you have limits setup is not great for web development.
Can't find a movie or TV show? Login to create it.
Want to rate or add this item to a list?
Not a member?
Reply by Travis Bell
on August 8, 2018 at 12:36 PM
Hi there,
Putting it client side is fine. I've seen lots of apps that do this. There isn't a ton of motivation to steal keys since our service is free. Anyone can sign up and grab their own.
Reply by scottkuhl
on August 8, 2018 at 12:58 PM
That works for me then. Thanks for the quick response.