Flickr Authorisation URL's (Hide API key)

Topics: User Forum
Oct 10, 2006 at 2:03 PM
Hey :-)

On WackyLabs, Sam says:

"(Flickr provides you with custom URLs which can be used to replace the above URL, and avoid passing your api_key in the query string. This improves the security of your application.)"

I have absolutely no idea how to do this and can't seem to find any information out on it. Can anyone help me out? I don't want to keep flashing the api key/sig every time especially when we have a commercial one!

Thanks :-)
Oct 10, 2006 at 6:33 PM
The custom URL is for authentication when you choose the "mobile application" for your application type.

Hope that helps.
Oct 13, 2006 at 8:12 AM
Hey sam, thanks for the reply and your awesome library :-) Made my life easier.

It seems the mobile urls, although they hide the api key initially when you follow the link, it simply redirects to the normal url and makes the apikey and sig visible. It seems a bit stupid you can't hide the api key fully. I mean, is there anything stopping users from copy and pasting my details into their own app and using the commercial API?

It seems a bit insecure?

Thanks again,