The Movie Database Support
Support → API Support
What to anticipate when going public with a TMDB-IMDb integration userscript?
posted by ofitichorSTAFFMOD on September 16, 2023 at 2:24 AM
What problems do I have to expect if I publish a userscript that embeds the score from TMDB on IMDb. This question I just also in view of the API key, which is then also public.
Reply by ofitichor
on October 1, 2023 at 3:11 PM
An answer would help me š
Reply by robbie3999
on October 2, 2023 at 5:35 PM
If you want an answer you need to ask a more specific question. No one knows what your app is and what kind of problems you might have with it.
Reply by ofitichor
on October 3, 2023 at 3:02 AM
Actually, I thought I was already very special.
I want to publish a javascript for Tampermonkey/Greasemonkey, which embeds the score from TMDB in IMDb. So that the score can be displayed, my API Key is needed.
My question is, could publishing my API Key through this javascript be a problem? Like violating some rule.
Reply by Travis Bell
on October 3, 2023 at 10:29 AM
Not sure it's against a rule per se, but it makes your key easy to steal. If a bad actor were to get a hold of your API key and start using maliciously and we have to block it, it will take your project offline. I suppose that is the main concern you should be thinking about.
Reply by ofitichor
on October 3, 2023 at 10:35 AM
Yes, that is what worries me. So my question is how the API key could be used maliciously? And if I were to be blocked, could I request a new one, which I would then accordingly no longer publish?
A solution might also be an API key that could be assigned with restrictions, e.g. read-only rights and quantity of requests.
Reply by Travis Bell
on October 3, 2023 at 10:46 AM
We have to block keys semi regularly because they are used on illegal streaming sites, piracy and the like.
Yes, you can re-generate a new key from within your account's API settings page at any time.