Protecting YouTube v3 API key in a client-side application

后端 未结 7 1480
借酒劲吻你
借酒劲吻你 2021-01-05 09:41

I\'m looking at the following guide: https://developers.google.com/youtube/v3/getting-started

The first step of interacting with YouTube\'s API is:

相关标签:
7条回答
  • 2021-01-05 10:32

    You can use restriction to secure your API Key.

    Use the REFERERS attribute of the public API key. Go to your project in console developers -> API&Auth -> Credentials

    • If you use Key for browser applications, REFERERS is a reference to a domain.
    • If you use Server key, REFERERS is a reference to a IP. (ip of your server for example)

    For example, if you use github.io to make live demo of an application, REFERERS will point on http://user.github.io/*

    You can read more register your application

    • Use a server key if your application runs on a server. Do not use this key outside of your server code. For example, do not embed it in a web page. To prevent quota theft, restrict your key so that requests are only allowed from your servers' source IP addresses.

    • Use a browser key if your application runs on a client, such as a web browser. To prevent your key from being used on unauthorized sites, only allow referrals from domains you administer.

    A screen to help you :
    enter image description here

    0 讨论(0)
提交回复
热议问题