Hacker Newsnew | comments | ask | jobs | submitlogin
danielweber 371 days ago | link | parent

> At the same time, API credentials should by definition be single-use.

Could you spell this one out a little bit more? Do you mean only a single session should be able to use an API credential?

tptacek 371 days ago | link

I mean the credential should only be relevant to the service, never shared across multiple services, because the API generates it for you.


Lists | RSS | Bookmarklet | Guidelines | FAQ | DMCA | News News | Feature Requests | Bugs | Y Combinator | Apply | Library