unfortunately RapidAPI does not support the feature of locking an API key to a domain (referrer). And even that would not be 100% save as anyone could spoof a referrer. Nevertheless we never saw a stolen or misused API key so far. RapidAPI does support key rotation in case you would see any unusual requests (see https://docs.rapidapi.com/docs/keys ).
We’ve sent you some further options for more API key security by mail (should arrive in a few minutes).
Participez à la discussion - ajoutez un commentaire ci-dessous:
Connectez-vous / Inscrivez-vous pour publier de nouveaux commentaires
Is there any improvement on that point yet? I still see difficulties when there is an open app anybody could use my API key.
Hi,
unfortunately RapidAPI does not support the feature of locking an API key to a domain (referrer). And even that would not be 100% save as anyone could spoof a referrer. Nevertheless we never saw a stolen or misused API key so far. RapidAPI does support key rotation in case you would see any unusual requests (see https://docs.rapidapi.com/docs/keys ).
We’ve sent you some further options for more API key security by mail (should arrive in a few minutes).