667 B
667 B
General Considerations
- Regenerate a regular/master API Key if you suspect it has being compromised. A regenerated API Key grants the same permissions as before, but has a new code/token. Maps/apps using a regenerated API Key must be updated to adapt to that change, otherwise they will stop working.
- Send always an API Key in your API requests
- Issue a new regular API Key per map/app. Try to avoid sharing keys between maps/apps
- Grant the least amount of necessary permissions per API Key
- Use the Master API Key sparingly
- Keep your Master API Key secret!
- Do not overuse the Default Public API Key. It’s meant for obviously public Datasets.