Use an API key to create custom applications with Blue Billywig’s API. In this article you will learn about creating API keys as well as several recommendations for managing API keys in order to keep your account secure.
API secret for time-based token calculation
The “API Secret” listed in the credentials can be used to calculate time-based tokens. Visit our article Getting started with API for code examples.
1.0 | Create an API key
To create an API Key:
- Click to expand “Publication settings” in the left menu panel
- Click “Secrets”;
- Click “Create new API Key”;
Admin permissions required
Contact your account’s admin user or support@bluebillywig.com if the “Secrets” menu isn’t available.
- Enter the API key “label” (required) and “description” (optional);
- Select the permissions of the API key;
- Click “save” to generate the “Secret” and “ID” value of the API key. Both values are required for authentication (read more about getting started with SAPI)
2.0 | API Key Management: Best Practices
Proper API key management is recommended to keep your account secure. We would specifically recommend the following best practices:
- Create separate API keys for each implementation;
- Determine appropriate access permissions for your API keys;
- To avoid exposure to the public, beware not to embed API keys directly in your code or to store API keys in files that are part of your application’s source tree.
- Delete unused API keys;
- Periodically renew API keys;