Jump to content

Talk:API key

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Rol8Weber (talk | contribs) at 07:49, 25 December 2019 (API Keys vs. Passwords: new section). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
WikiProject iconComputing: Software Stub‑class Low‑importance
WikiProject iconThis article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing
StubThis article has been rated as Stub-class on Wikipedia's content assessment scale.
LowThis article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software (assessed as Low-importance).

This article is erroneous - a UUID by definition must have 32 characters. Many API keys have 10-12-etc. Something as long as 32 would be an exception in my experience.

--

Additionaly, it is not clear how an API key is supposed to work on the server side or what benefits it provides..! — Preceding unsigned comment added by 2001:980:E8E5:1:8D1A:115E:35C9:A790 (talk) 02:32, 28 September 2015 (UTC)[reply]

UUIDs are no longer mentioned. On the server side, API keys work like passwords. I'll try to add something about the benefits. Rol8Weber (talk) 07:05, 25 December 2019 (UTC)[reply]

API Keys vs. Passwords

I've been reading up on API keys lately. I interpret them as secondary passwords to a personal or technical user account, with inherent restrictions. The actual password is to authenticate the user, and login might require multi-factor authentication. But automated tasks like a CI/CD pipeline can't do MFA. An API key allows single-factor authentication to an API on behalf of the user. API keys cannot be used to login to the user interface. Some implementations, like the Personal Access Tokens of source code hosters, allow for managing multiple API keys per account, with restrictions according to the task for which the key gets generated. JFrog Artifactory for example has only a single API key per account. Rol8Weber (talk) 07:49, 25 December 2019 (UTC)[reply]

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:API_key&oldid=932354479"