Thread Reader

RapidAPI

RapidAPI
@Rapid_API

Aug 31, 2022

What exactly are API keys? Read this RapidAPI Comic to find out. { 1 / 6 }

What are API Keys? RapidAPI Comic cover.

{ 2 / 6 }

API keys are unique alphanumeric strings that are assigned to clients for them to have access to an API and its services. The purpose of an API key is API security, client authentication, and authorization.

{ 3 / 6 }

Authentication - APIs authenticate a project by identifying the application making a request to it. This is done using the unique key assigned. It's important to remember that this is not the same as user authentication. APIs have no way of knowing who is using the client application, they only identify the client application itself.

{ 4 / 6 }

Authorization - API keys also let the API know the permissions of the requesting client. For example, clients may be on different payment plans for the same API. Therefore some clients may have restricted access, such as API call limits, whereas others won't.

{ 5 / 6 }

The API owner can also use API keys to monitor client activity. API owners can apply filtering and traffic control methods that reduce the risk of security breaches and attacks.

{ 6 / 6 }

It's vital to keep API keys hidden and never expose them in client-side code, or public code like a public repository. Otherwise, the data they contain is at risk. You should never store API keys directly in your code. Instead, use popular, secure methods such as environment variables.

Thanks for reading! Check out RapidAPI Studio (RapidAPI.com/studio?utm_sou) for all your API needs.

RapidAPI

RapidAPI

@Rapid_API

RapidAPI is the world's largest API Hub, where over four million developers find, connect, build, and sell tens of thousands of APIs.

Follow on Twitter

twitter-thread.com/t/1564987125552013312

Missing some tweets in this thread? Or failed to load images or videos? You can try to .