I’m excited to introduce you to HTTP requests and provide you with tools and resources to get up and running.
Learning how to work with APIs is a ...
For further actions, you may consider blocking this person and/or reporting abuse
This really highlights why you really should avoid giving frontend programs access to your API keys and other such tokens and always route requests via your backend.
You give access to your API keys and other secrets to the frontend and literally anyone can see them.
You should
1) Better block out your API key from your screenshots
2) Remove it from your example code
3) Get NASA to invalidate that one and issue you a new one
Edit: I guess the example codes use some demo key, that's probably fine. The screenshot is still easily readable.
The credentials have been invalidated as an extra precaution but thank you!
When you say "the API" you probably very specifically mean this API specifically, there's a lot of other APIs that would require you to actually keep your credentials secret, when they e.g. result in billing events. This is why it's a good practice to avoid doing things like this on the frontend.
If your requests are causing too much load on your backend, just think what you're doing to other peoples' backends. Logging etc. is of course configurable, by you.
Yes!!
This is really cool. Just having interesting data to work with for BigData or ML purposes is fun, and since I like Star Trek it plays in that theme very well.
OMG HOW COOL IS THIS?!?!
Might want to blur those credentials a bit more
The credentials have been invalidated as an extra precaution but thank you!
I freaking love NASA! Great job!
Thank you!!
This is so cool! thanks for sharing 🙌🏽🙌🏽
Let me hack NASA now
Unless this is specifically for node, using JS to interact with an API using a private API key exposes it to anyone viewing the page. The proper way would be to use server-side processing.
Hi, this may sound very dumb. I'm using the NASA API for a Bot on Discord, how would I go about using this? I'm having very much troubles with it.
Oh no! Sorry I am just seeing this 🤦 This isn't dumb at all. What are you trying to do specifically? I haven't worked on bots before but I'm happy to help if there's something I can answer for you!
You really should pixelize those credentials a bit better.
The credentials have been invalidated as an extra precaution but thank you!
... also your API key is still in the example code.