unfortunately RapidAPI does not support the feature of locking an API key to a domain (referrer). And even that would not be 100% save as anyone could spoof a referrer. Nevertheless we never saw a stolen or misused API key so far. RapidAPI does support key rotation in case you would see any unusual requests (see https://docs.rapidapi.com/docs/keys ).
We’ve sent you some further options for more API key security by mail (should arrive in a few minutes).
Doe mee aan de discussie - voeg hieronder een opmerking toe
Log in / Schrij u in om nieuwe opmerkingen te plaatsen
Is there any improvement on that point yet? I still see difficulties when there is an open app anybody could use my API key.
Hi,
unfortunately RapidAPI does not support the feature of locking an API key to a domain (referrer). And even that would not be 100% save as anyone could spoof a referrer. Nevertheless we never saw a stolen or misused API key so far. RapidAPI does support key rotation in case you would see any unusual requests (see https://docs.rapidapi.com/docs/keys ).
We’ve sent you some further options for more API key security by mail (should arrive in a few minutes).