The Movie Database Support
Support → API Support
Intended use case for accessing the API, server or client side?
posted by johnb003STAFFMOD on July 24, 2013 at 5:08 PM
I noticed the limit on API requests is limited per IP not per API key. If my app gets a lot of traffic then it seems like this would suggest my requests should all come from my users instead of from my server.
However, if I generate the request from the client, how can I protect my API key?
Thanks!
Reply by Travis Bell
on July 24, 2013 at 6:49 PM
Hi johnb003 ,
It depends what kind of client you are building. For any desktop or mobile application, your API key can be compiled in to your app and would never be visible to the public. If you're building an HTML based project, there isn't much of a way to obfuscate it. Make a note that API keys are free and to head over to TMDb to get one is the best you can probably do.
Reply by johnb003
on July 24, 2013 at 7:58 PM
It's for http, and mobile. Is it ok if I maintain a clone of the db, as long as I don't cache the images? I didn't find anything in the Eula that prevented this, but I guess it's good to double check.
After all you do have the changes api which makes it very nice and convenient to maintain such a clone.
Reply by Travis Bell
on July 25, 2013 at 10:23 AM
As long as you attribute TMDb as the source of the data you're fine to go ahead and do that.