Re: securing API data
I have asked a question that is similar to yours. You can find the answers I received here. Pretty interesting read, even if I don't comment much in the topic
URL: https://forum.audiogames.net/post/463519/#p463519
--
Audiogames-reflector mailing list
Audio
Re: securing API data
This is something similar to what HashiCorp Vault does: you can log in through various authentication methods. After you've logged in, you are given a token to submit further requests as an authenticated user.
URL: https://forum.audiogames.net/post/463476/#p4
Re: securing API data
True enough.I had arguably considered doing that, making it to where the python client does an https request to the server, which then serves up the correct key/secret.The obvious disadvantage to that is that anyone could just do it themselves?though in theory... Hey
Re: securing API data
Any program on a users system can be breached, communications between programs can be intercepted, or altered in memory. The most you can do is make it really inconvient, which has tradeoffs in terms of time and complexity to implement, along impacts on game
securing API data
So I was curious to see how creative everyone would get with this problem.In every API call, you have a ID, a secret, and an access token, (most of the time).Now, if we're talking about python here, how would one go about securing the ID and secret safely?After al
