Join us and get access to thousands of tutorials and a community of expert Pythonistas.
This lesson is for members only. Join us and get access to thousands of tutorials and a community of expert Pythonistas.
Generating an API Key for Authentication
00:00 Authentication Part 1: Generating a Key. A lot of APIs will regulate who is using them
00:07 by the means of authentication. In these cases, users will have to prove their identity to the API before they can have access. There are a few different methods of authentication, but in this lesson, you’re going to learn how to use an API key to identify yourself, which is a very common means of authentication.
00:25 An API key is a specific code, like an ID or password which only you have access to. It’s normally sent as a header or a request parameter. You will now generate a key for use with the GitHub API.
00:38 GitHub calls its keys personal access tokens. To create one, you’re going to log in to GitHub, and from the homepage, click on your profile icon, followed by Settings.
00:51 Here, you’re going to scroll down to find Developer settings on the left-hand side,
00:59 followed by Personal access tokens, and then Fine-grained tokens.
01:05 Click Generate new token, and you’ll be brought to this form where you should provide a useful name and description for your token. You can also choose an expiry date for your token. For this project, you should choose a short expiry date, like seven days, as this means someone finding your key is less of a risk.
01:25 The Repository access section lets you define which of your repositories this key gives you access to. The default here is read-only access to public repositories, which works well for this project, but you could choose to give access to all your repositories, or choose a few specific repositories, which would be your best bet if you knew there are only a couple of repositories you wanted to interact with through the API.
01:47 Underneath these options is the Permissions section, which allows you to control exactly what actions your API key will allow you to do. If you click on Add permissions, you’ll see a list of possible actions, including blocking users and interacting with Copilot.
02:02 For this demo, we won’t need any of these permissions.
02:05 Click Generate token, and your access token is ready. Make a note of it somewhere, as if you leave this page, you won’t be able to see this access token again.
02:13 If you do lose this token, or accidentally reveal it, maybe while filming a video course, for example, don’t fret because you can always delete the old one and generate a new one easily.
02:24 Now you have an API key, you’ll use it to make authenticated requests in the next lesson.
Become a Member to join the conversation.
