Y
Hacker News
new
|
ask
|
show
|
jobs
by
pmarreck
1178 days ago
OpenAI’s API key page lets you issue new keys, see when they were last used, and withdraw them at any time.
So this seems a bit paranoid.
2 comments
bastawhiz
1178 days ago
Stripe's dashboard lets you do the same thing but like hell I'm giving you my secret key.
link
pmarreck
1178 days ago
This is a standard way to grant API access in literally every piece of software that's provided an API access I've ever used in the last 5-10 years. I'm not sure what informs such paranoia.
link
osigurdson
1178 days ago
True, but it is still weird to paste your credentials into an unknown service.
link
sbarre
1178 days ago
Yes of course, it certainly is. So before you do that, you should make the service not be unknown to you.
Good thing this is open source!
link
osigurdson
1178 days ago
I’m not sure if there is any way to tell if an open source service is actually using the open source code. It still comes down to trusting the url.
link