Api Key Security in JavaScript

Assistance de TMDB

Assistance → Assistance de l'API

posté par scottkuhl
STAFFMOD
le 8 août 2018 à 11h36

I have my api calls coming from secure server side code. However the rate limit of 40 calls per 10 seconds per IP address is likely to cause issues. To overcome the problem we discussed moving the API call into Javascript on the client. But that will expose the API key.

Any advise here? It seems the way you have limits setup is not great for web development.

2 réponses (sur la page 1 sur 1)

• Jump to last post

Réponse de Travis Bell

STAFFMOD

le 8 août 2018 à 12h36

Hi there,

Putting it client side is fine. I've seen lots of apps that do this. There isn't a ton of motivation to steal keys since our service is free. Anyone can sign up and grab their own.

Réponse de scottkuhl

STAFFMOD

le 8 août 2018 à 12h58

That works for me then. Thanks for the quick response.

Membres de cette conversation

Catégories

Assistance de TMDB