api-key

问题 I'm developing a RESTful API for my app on GAE python and right now I'm trying to figure out the best way to secure this API. I have my own member/authentication mechanism on this app. what is the best way to do this? having public/private key pairs becoming an OAuth provider HTTP authentication (seems very weak to me) other?? 回答1: First, discard HTTP Auth. It is not recommended in a true REST API since it resides on cookies. I would go with OAuth. There's a library called appengine_oauth

问题 I have created a java daemon program that collects data from social network accounts. I use a lot of services including Flick, S3, GeoCoding, etc. Currently I have the program set up to read all these API keys from a properties file. I also have a similarly formatted properties file in my test folder that contains different keys for testing purposes. These property files are not committed to source obviously. This collection program writes to a mongo db. I am also building a web app that also

问题 I am developing an application that should present the user near restaurants. For this purpose I want to use Google Places to get the locations and names in order to draw the places on map, using Google Maps. I am confused about the API Keys. I first generated one API key for Google Maps API (android key) and Google Maps works fine with it, but when I try to use Google Places API Web Service with the same key it tells me : error_message: This IP, site or mobile application is not authorized

问题 I want to create a flexible API Rest server. I will allow the clients to authenticate using HTTP or an APIKEY. My question is: what is the correct way to add the apikey to a GET request? My problem is the apikey pollutes the url. I imagine something like this : /book/1/apikey/s4cr4t ! 回答1: In my opinion you should only use the Authorization header. That's what it is there for. Putting it in the URL is a bad idea because: a) as you said it pollutes the URL b) if you decide to go SSL for

问题 I just created an API key for using with my site, the map is going to just show where the company it's placed. But somehow the map is loaded and then it self refreshed and shows the ExpiredKeyMapError in the js console. Have you got any idea what it can be? PS: I tried to re-create it from another account and remove any non google parameters from url generation and still not working. Page is: https://corporativo.androsol.com/contact/ Thanks for any help! 回答1: For me it showed that Javascript

问题 I just created an API key for using with my site, the map is going to just show where the company it's placed. But somehow the map is loaded and then it self refreshed and shows the ExpiredKeyMapError in the js console. Have you got any idea what it can be? PS: I tried to re-create it from another account and remove any non google parameters from url generation and still not working. Page is: https://corporativo.androsol.com/contact/ Thanks for any help! 回答1: For me it showed that Javascript

问题 Is it possible to specify multiple keys for Google Maps Android API in the same code base? It looks like I have to change the key in manifest file each time I change keystore. It's not very convenient, imho, if you need to test the app signed with keys form debug and release keystores. 回答1: I don't think this is what you want to do. You should add both debug and release SHA1 key to API key on Google Developer API Console. Take a look at this answer 回答2: I added both keys in the manifest at

问题 I recently launched an Android app which makes use of the Google Places autocomplete widget/API. As part of the configuration for this, I added the API key to my Android's manifest file: <application> ... <meta-data android:name="com.google.android.geo.API_KEY" android:value="MY_KEY_HERE"/> </application> Furthermore, in the Google Developers console, I enabled this API key for Android devices only, but did not restrict to any particular API. I also entered the correct package name and SHA-1

问题 In my C# project have APIKeys.cs file which have const strings with API keys. I want those strings to be empty in Git server but have actual API keys in my local computer. So peoples who pull project can compile it without problem and still my local computer gonna have API keys in same file. If I try to upload APIKeys.cs file with empty strings then I can't have local file with API keys because when I try to push it, it will overwrite empty APIKeys.cs file. Also I can't ignore this file too

问题 I am trying to set the RavenDB DocumentStore.ApiKey in NServiceBus 3.2.3. According to this thread, this is not able to be read directly from the connection string by the version of RavenDB used in NSB 3.2.3. The DocumentStore instance in NSB is registered as an IDocumentStore , which means I cannot use a custom action like this as IDocumentStore does not expose ApiKey : Configure.With() .DefaultBuilder() .RavenPersistence() .RunCustomAction(() => Configure.Instance.Configurer