API Keys

Based on your current API is appears if you want to grant a 3rd party provider permission to display something on you Tidbyt you have to provide them with your Device Id and API key from you app. However this seems to grant them almost total control over your device. Perhaps I am missing something.

It might make sense for a user to generate multiple API keys, one for each 3rd party that would be revocable and limited to the push function and one installation at a time.

1 Like

Hey @TransSee, and welcome to the forum!

You’re absolutely correct. The API is currently primarily geared towards developers building private integrations that are run by individual users. Down the road, we certainly hope to improve that quite a bit. Perhaps an oauth flow allowing Tidbyt users to grant certain scopes to 3rd party developers. Our ambition is also to provide a fully hosted solution, where developers can create and publish applets for anyone to use. Not quite there yet though! =)