i was working on a weather app by using an API by openweathermap.org and then came across the concept of using the API key.
WHAT EXACTLY THE API KEY IS
An application programming interface key (API key) is a unique identifier used to authenticate a user, developer, or calling program to an API. However, they are typically used to authenticate a project with the API rather than a human user. Different platforms may implement and use API keys in different ways. The API key often acts as both a unique identifier and a secret token for authentication, and will generally have a set of access rights on the API associated with it.
When and Why to Use API Keys
API keys are used with projects, while authentication is designated for the users. Cloud Endpoints will, in many cases, handle both the authentication procedures as well as the API keys. The differentiating factor between the two is:
- Authentication tokens are used to identify the users, i.e., the person who is using that particular website or application.
API keys are used to identifying the project making the call. This can either be the website or the application that is making the call to the application programming interface.
Application Programming Interface Keys Guarantee Project Authorization
Before deciding on the most appropriate scheme, you will need first to understand what authentication and API keys can provide. The keys can provide:
Project authorization—To help check whether the application making the call has access to call it. It also checks whether the API in this project is enabled.
Project identification—Identify the project or the application making the call to the API. You should note that the API keys are not as secure as the tokens used for authentication purposes. However, they do assist in identifying the project or the application that is behind the call.
To Get An API Key
you can gain access to the api's key if that will be free , you can get your key by logging into the site and you will be provided with the api key and same for the paid ones.
USAGE THROUGH EXAMPLE
api.openweathermap.org/data/2.5/weather?q={city name}&appid={API key}
above url is for the fetch call and as you can see it requires an api key. While making the fetch call we have to update the url with values and key. If the API key field is left empty while making the call , the server will not respond or resposne will get rejected. In openweathermap.org , you are given a key when you signup. As we know how to make a fetch call and updating the URL , we will only get authorized when the API key is correct.
api.openweathermap.org/data/2.5/weather?q=L..{01283ghfj} if the api key is correct we will get a fulfilled response and rejected in case of wrong api key.