Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is pretty cool. But at the risk of a digression, I can't imagine sharing my API keys with a random website on HN. There has to be a safe approach to this. Like limited use API keys, rate limited API keys or unsafe API keys etc.


I'm aware this isn't a *proper* solution, but "throw your current API key at it, then as soon as you're done playing around, execute a test of your API key rotation scripting" isn't a terrible workaround, especially if you're the sort of person who really *meant* to have tested said scripting recently but kept not getting around to it ("hi").


Can't you just create a new API key with a limited budget?


The risk of leakage is very high. If Anthropic, Google, OpenAI can provide dispensible keys, it will be great.


Both OpenAI and Anthropic let you disable and delete keys. I'd be surprised if Google doesn't.


I should do that, let me try.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: