问题
I'm interested in using Xively's image embed code in a website I'm working on, but I need to either:
Make the Xively feed public in order to access the image
Include the API key in the get request
Now I do not want to expose our private information or open up the datastreams to being modified without my permission using my API key, what options do we have? In other words, how can I conceal the API key in the image URL that your can easily find by viewing the source? I'm not particularly keen on saving the image locally, renaming it, and then serving it from our server with a different name.
回答1:
Xively API keys have very fine-grain permissions. You probably want to generate a key that has:
- read-only access to just that specific feed
- referrer set to the domain of your website
You will find an "Add Key" button on your develop workbench, see screenshot below.
This should protect your data, but still keep your device's feed private.
来源:https://stackoverflow.com/questions/16732749/hiding-api-key-on-xively-image