Y
Hacker News
new
|
ask
|
show
|
jobs
by
matja
63 days ago
What if the "slug" was a prefix for the API key revocation URL, so the API key was actually a valid URL that revoked itself if fetched/clicked? :)
2 comments
out_of_protocol
62 days ago
i suspect a lot of tools will try to fetch the url without explicit user action (e.g. messengers do that kind of crap). Gotta be hard to keep keys non-revoked, which is a nice side-effect
link
vjay15
62 days ago
but api keys arent meant to be revoked once used right?
link