Hacker Newsnew | comments | show | ask | jobs | submit login

> At the same time, API credentials should by definition be single-use.

Could you spell this one out a little bit more? Do you mean only a single session should be able to use an API credential?




I mean the credential should only be relevant to the service, never shared across multiple services, because the API generates it for you.

-----




Applications are open for YC Winter 2016

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: