cartodb/doc/developer-center/auth-api/guides/04-general-considerations.md

## General Considerations

- Regenerate a regular/master API Key if you suspect it has being compromised. A regenerated API Key grants the same permissions as before, but has a new code/token. Maps/apps using a regenerated API Key must be updated to adapt to that change, otherwise they will stop working. 
- Send always an API Key in your API requests 
- Issue a new regular API Key per map/app. Try to avoid sharing keys between maps/apps 
- Grant the least amount of necessary permissions per API Key 
- Use the Master API Key sparingly 
- Keep your Master API Key secret! 
- Do not overuse the Default Public API Key. It’s meant for obviously public Datasets.
-												Initial commit

											
										
										
											2020-06-15 10:58:47 +08:00
+								## General Considerations
 								- Regenerate a regular/master API Key if you suspect it has being compromised. A regenerated API Key grants the same permissions as before, but has a new code/token. Maps/apps using a regenerated API Key must be updated to adapt to that change, otherwise they will stop working.
 								- Send always an API Key in your API requests
 								- Issue a new regular API Key per map/app. Try to avoid sharing keys between maps/apps
 								- Grant the least amount of necessary permissions per API Key
 								- Use the Master API Key sparingly
 								- Keep your Master API Key secret!
 								- Do not overuse the Default Public API Key. It’s meant for obviously public Datasets.