cartodb/doc/developer-center/auth-api/guides/04-general-considerations.md
2020-06-15 10:58:47 +08:00

667 B
Raw Blame History

General Considerations

  • Regenerate a regular/master API Key if you suspect it has being compromised. A regenerated API Key grants the same permissions as before, but has a new code/token. Maps/apps using a regenerated API Key must be updated to adapt to that change, otherwise they will stop working.
  • Send always an API Key in your API requests
  • Issue a new regular API Key per map/app. Try to avoid sharing keys between maps/apps
  • Grant the least amount of necessary permissions per API Key
  • Use the Master API Key sparingly
  • Keep your Master API Key secret!
  • Do not overuse the Default Public API Key. Its meant for obviously public Datasets.