Guest
home
beatmaps
rankings
community
store
help
forum
  1. Forums
  2. osu!
  3. Help
  4. Resolved Issues

[Archived] what can people do with your api key?

posted
Total Posts
8
GDcheerios
55 posts
Joined December 2017
Topic Starter
GDcheerios
I am making a website and am trying to hide my api key cause I hear there is some bad stuff that people can do with it so I am using a server to request info from a node.js file so they can't get it but I don't know how to do requests or using servers or database,
Death
Global Moderator
20,477 posts
Joined September 2013
Death
They can pretend to be you, which is a really bad thing.
GDcheerios
55 posts
Joined December 2017
Topic Starter
GDcheerios
Give me an example please, like on osu!? Or something else?
Death
Global Moderator
20,477 posts
Joined September 2013
Death
On osu!. Your API key belongs to you, when you make requests with that key you are essentially saying, "hey this is me, GDcheerios, making this request." If someone else has your key they can say they are you.
GDcheerios
55 posts
Joined December 2017
Topic Starter
GDcheerios
So if I make another account and just use that key would that work?
Death
Global Moderator
20,477 posts
Joined September 2013
Death
No, it is against the rules to create more than one account. Just keep your API key safe.
GDcheerios
55 posts
Joined December 2017
Topic Starter
GDcheerios
I know you can also just send people an authorization so they can authorize their accounts to it and save it in a database for the next time, but how do I do that?
Death
Global Moderator
20,477 posts
Joined September 2013
Death
That should be explained in the documentation here: docs/index.html
Please sign in to reply.

New reply

0
1 / 8