Authentication
- There are different ways to authenticate with an API
- …telling the API that it’s you and not someone else
- Generally: API providers give you a piece of information (e.g., a key) that you can use to verify that it’s you when connecting to the API
- API keys (access token)
- Most common method of authentication
- In this document we described how you can get a key (either the actual key string or stored in json file) to interact with Google Cloud APIs
- OAuth
- “an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords” (Wikipedia)
- What is OAuth and why does it matter?
- This example illustrates how to use oauth to authenticate with the Youtube APIs
- Be careful with those keys/passwords! Don’t post them on websites! (bots crawl through the web to identify all sorts of vulnerabilities)
- Connections without sharing username or password, only temporary tokens that can be refreshed
- Ideally store tokens as environmental variables in R (as described here)
httr package in R implements most authentication cases