Recall & Review
beginner
What is an API key?
An API key is a unique code passed by a client to an API to identify and authenticate the client making the request.
Click to reveal answer
beginner
Why should API keys be kept secret?
API keys grant access to services and data. If exposed, unauthorized users can misuse the API, causing security risks and extra costs.
Click to reveal answer
intermediate
What is the purpose of rotating API keys?
Rotating API keys means regularly changing them to reduce the risk of misuse if a key is compromised.
Click to reveal answer
intermediate
How can you restrict API key usage?
You can restrict API keys by limiting IP addresses, setting usage quotas, or defining allowed API endpoints to improve security.
Click to reveal answer
advanced
What is the difference between API key and OAuth token?
An API key is a simple static token for identification, while an OAuth token is a dynamic token that provides delegated access with user permissions.
Click to reveal answer
What is the main role of an API key?
✗ Incorrect
API keys are used to identify and authenticate clients making API requests.
Which practice helps protect API keys from misuse?
✗ Incorrect
Regularly rotating API keys reduces the risk if a key is compromised.
How can API key usage be restricted?
✗ Incorrect
Restricting API keys by IP addresses limits where the key can be used.
What happens if an API key is exposed publicly?
✗ Incorrect
Exposed API keys can be used by unauthorized users, causing security risks.
Which is a key difference between API keys and OAuth tokens?
✗ Incorrect
API keys are static tokens, while OAuth tokens are dynamic and provide delegated access.
Explain why managing API keys carefully is important for security.
Think about what happens if someone else gets your key.
You got /4 concepts.
Describe methods to restrict API key usage to improve security.
Consider how to limit where and how keys are used.
You got /4 concepts.