I am building a Nodejs 3rd party API service, most times I use other third-party API services there always some form of API key and API secret used for authentication, Can someone explain how that works, and are there libraries in NodeJS I can use to achieve that.
Asked
Active
Viewed 832 times
1
-
I am not sure what you are trying to achieve, could you please provide more details. – doctorsherlock Apr 06 '21 at 06:49
-
1An API Key and API Secret are just like a username and password. The API Key identifies who the API user is (and allows you to use that information to determine what they should be able to access, how many requests they can make, how much bandwidth they are allowed to use, etc... - all things that would be assigned to a specific user of your API. The API secret is like their password that authenticates them and proves they are who they say they are. The API Keys just need to be unique and (in some cases) non-guessable and the API Secret just needs to be varied enough to be secure. – jfriend00 Apr 06 '21 at 06:53
-
Let me say I am building a service like Binance, in which users will have to perform functions using API calls. Binance uses API key and secret to secure API, I want to know how to implement the same form of security using nodeJs – Aniefon Umanah Apr 06 '21 at 06:53
-
So, you implement the same way you implement username and password authentication except that you (rather than the user) generate the API key and the API secret and you communicate it to a new, approved user of the API. They copy it down and then use it when programming to your API. – jfriend00 Apr 06 '21 at 06:54