Jump to content

API key

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 2600:387:15:534::8 (talk) at 13:28, 11 March 2022. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

= globalSimulationSettings.bendStiffness let G.VertexWeight = globalSimulationSettings.bendStiffnessVertexWeight let V[i] = perVertexSimulationSettings[vertexIndex].bendStiffness let V[i].GlobalWeight= perVertexSimulationSettings[vertexIndex].bendStiffnessGlobalWeight

Usage

The API key often acts as both a unique identifier and a secret token for authentication, and will generally have a set of access rights on the API associated with it.[1]

HTTP APIs

API keys for HTTP-based APIs can be sent in multiple ways:[2]

In the query string:

POST /something?api_key=abcdef12345 HTTP/1.1

As a request header:

GET /something HTTP/1.1
X-API-Key: abcdef12345

As a cookie:

GET /something HTTP/1.1
Cookie: X-API-KEY=abcdef12345

Security

API keys are generally not considered secure; they are typically accessible to clients, making it easy for someone to steal an API key. Once the key is stolen, it has no expiration, so it may be used indefinitely, unless the project owner revokes or regenerates the key.[3] If an API key is meant to be accessible to the client, it is only considered secure if used together with other security mechanisms such as HTTPS/SSL.[2]

References

  1. ^ IBM Application Security on Cloud (Generating API Keys)
  2. ^ a b "API Keys". Archived from the original on 2019-10-17.
  3. ^ Cite error: The named reference :1 was invoked but never defined (see the help page).
Stub icon

This computer-programming-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=API_key&oldid=1076507036"