API Key

Follow

Chuck Cartia

• November 11, 2015 03:37

We are developing a desktop application that will use the Podio API. Is there any reason that each end user could not or should not generate their own API key (and then it would get stored in the application config file)? I am concerned about the rate limits and since this is a desktop application, we have no way of knowing how many calls are being made. We figured the average would be 20 rate limited calls per user per week. But some may be much higher. Thanks

1

• 

  Andreas Garnæs

  • November 11, 2015 08:52

  Hi Charles,

  The intent is that the developer (you) sets up the API key, and that the end user (your users) authorises with this API key. This represents the relationship that the user is acting through your application. If it turns out that rate limits are an issue, and you're using the API appropriately, then you can apply for an increased rate limit.

  Best,
  Andreas

  1

  Comment actions Permalink
• 

  Chuck Cartia

  • November 11, 2015 15:26

  Is there anyway to track an API keys usage?

  0

  Comment actions Permalink
• 

  Andreas Garnæs

  • November 11, 2015 15:30

  There are two HTTP headers on the response, X-Rate-Limit-Limit and X-Rate-Limit-Remaining, which you can inspect.

  0

  Comment actions Permalink
• 

  Chuck Cartia

  • November 11, 2015 15:36

  I know about the HTTP headers but this is a deployed desktop application. Say we have a 100 Podio users all using our application with the same API key, how do I know what the total API usage is? Or if we are getting close to the limit?

  0

  Comment actions Permalink
• 

  Andreas Garnæs

  • November 11, 2015 15:43

  If you want to monitor usage from a desktop application, I suggest the application could send these metrics.

  0

  Comment actions Permalink

Please sign in to leave a comment.