Reputation: 2753
Hiding API Key on Xively Image
I'm interested in using Xively's image embed code in a website I'm working on, but I need to either:
Make the Xively feed public in order to access the image
Include the API key in the get request
Now I do not want to expose our private information or open up the datastreams to being modified without my permission using my API key, what options do we have? In other words, how can I conceal the API key in the image URL that your can easily find by viewing the source? I'm not particularly keen on saving the image locally, renaming it, and then serving it from our server with a different name.
Upvotes: 1
Views: 451
Answers (1)
Reputation: 6912
Xively API keys have very fine-grain permissions. You probably want to generate a key that has:
- read-only access to just that specific feed
- referrer set to the domain of your website
You will find an "Add Key" button on your develop workbench, see screenshot below.
This should protect your data, but still keep your device's feed private.
Upvotes: 2
Related Questions
- How do I hide my API key in script.js file using dotenv
- How to Hide an API Key in Client-Side Javascript
- How can I hide my api keys when deploying an app in a virtual machine on the cloud?
- How to Hide API key in Preact?
- Where to "hide" an API key
- How to hide an API Key with Angular 8.0.2
- How can I hide api key in bixby-studio?
- Hiding an api key, php
- How to hide API Keys in Android
- How can I make my API key hidden so that anyone decompling my app wouldn't see it?