I’ve developed an app (not quite ready for the community yet) that utilizes a 3rd party API for data. I’m currently using a personal account at the free level. If the app becomes popular, the API will need to be paid for ($10/month).
Since the API is free for personal use (up to 4000 hits / month), I could make the API configurable and require the user to go get a free account and input their own key
I think storing an api key/token in the config will work although it’s not good security practice. I’ve been thinking about this too for services that can’t use OAuth. Either have the user manually set their key or fetch a token based on their username/password and store the key in the cache. Both situations are bad security practices I think. Although since it’s a free api key it can’t be that bad right ?
Hey there! There’s certainly some nuance here, but in general we’re willing to pay for API keys for popular apps. The two factors we would consider is how popular the app is and how expensive the API costs are. I think the best way to make the case is to create an app that can stay within the free tier with moderate popularity and then make the case to us as the popularity grows.