alt Hacker NewsUnrestricted API keys were always secrets. They are created on a page called "Keys & Credentials". The fact that Google even allows unrestricted keys to be created has been a long standing security problem. The fact their docs encouraged it remains unforgivable.
Replies
ceejayoz • yesterday at 11:22 AM
Public keys are a thing in computing, though?
Google Maps has one, even. And Stripe.
➕ show 2 replies
I can maybe understand unrestricted keys (OK, I can't, to be honest).
But the fact that permissions are not hardened at time of creation is bonkers to me.