How the Heck Do API Keys Work?

I have a note to watchers and a question.
Note to watchers: Although this is an introductory video and the way the base36 generator is implemented in it is understandable, in real projects never use Math.random() for api keys as it is easily predictable.
Question: If we give a website an API key, then their frontend developers have to use a proxy server to hide that API key from their users?
Thanks Steve for this video.

where do you store your Users info and APIKey? in a database table?

Api key for circle?

Love your explanation and I have subscribed to your channel, wondering also why you dont have at least 500k subs not fear, you're too good, after 2 years this still helping lots of people. Thank you

How can we create apiKey using nestjs?

Thanks

Should the api keys be encrypted to be saved to the database?

its a great knowledge video, but what about the response header on browser, api key showing on browser side in response header.

I don't know if you made this for free, but it's fantastic, and the voice is very good.

Thanks for this amazing video sir!

Thanks for all this great content Steve! I really have no clue how only 24k people have stumbled upon this video. Such a great & thoughtful tutorial for beginners.

man allow me to say, you have a really charming voice, it really gets me listening. Amazing tutorial voice

Excellent video, great job man. I'll def check out more of your content.

Lucid explanations, appreciate cha!

Good and helpful content
Thank you for sharing this knowledge

Thank a lot !!!

What kind of database do you recommend do use to store and check the keys? I think the db has to be quite fast?

Instant Subscribe.. Great Video

Useful Knowledge and good teaching => 100% likes

Thanks for this tutorial, finally some with the right knowledge to explain this concept clearly :D WELL DONE.

Excellently done and useful. Thanks.

Lovely stuff, I like how you compare origins to ensure keys are not abused. I wonder if it will suffice to protect a user's key, how secure would you say this implementation is?

I'm completely new to the Node js environment and having doubts about which method to use on the client-side, using template engines or the method that you are using?
Thanks in advance

Amazing. Completed the videos today and learned a bunch.

Thank you Steve. You are really a good human.

how did you define those api key in package.json and used as process.env.apik_key.never seen before

HOW CAN YOU USE ? req.header("x-api-key") .shouldnt it be req.header["x-api-key"]

Thanks, Steve a good overview on the topic, especially loved seeing rate-limiting and restricting to a host. With sites that can only show the API key once, I presume that means that they aren't storing the API key on the server and hence it is more secure if the database is leaked, i.e. i've read about JWT. Is that a completely separate way of doing API authentication or essentially just an add on?

Can someone please explain the hostname check part.. I didn't get it 😅 Thank you in advance

I don't even work on express but I still watched it, it was nice. I just have one question, I have noticed that the operators ( => or !==) are being formatted differently in your editor, is this a VSCode update or are you using a plugin. Also can you create a video/ series on Javascript module loaders and bundlers. That would be very helpful.

Trying to build my SO's website. This is a boon, thanks man.

I have looked for this very topic for a very long time. Thanks Prof, you have saved me!

Perfect 😍🔥.. Thankssssssssss ♥️

Thank you very much, this kind of things are really interesting !!!