zlacker

[parent] [thread] 4 comments
1. atoav+(OP)[view] [source] 2023-05-12 05:41:25
Is inputing your API key on some random (sorry to the creator) website really a good idea?
replies(2): >>8organ+92 >>averev+l3
2. 8organ+92[view] [source] 2023-05-12 05:58:16
>>atoav+(OP)
It's not. Eventually we'll have OAuth and that will be the preferred approach.
replies(1): >>malaya+a4
3. averev+l3[view] [source] 2023-05-12 06:07:40
>>atoav+(OP)
In general not, but openai has made a wonderful job of key management with instant revocation,soft and hard limits, and alerts all the way.

I can confidently experiment by generating a new key, and I'll only ever lose a dollar, as my threshold is fairly low and matches the usage in my own projects.

replies(1): >>hacker+Bt
◧◩
4. malaya+a4[view] [source] [discussion] 2023-05-12 06:13:37
>>8organ+92
Curiously, they already have something like that already. If you take a course on deeplearning.ai (I tried ChatGPT Prompt Engineering for Developers), you can run a notebook that accesses OpenAI API. If you look closely, you'll notice they authenticate not with an API key but with a temporary JWT token that gets handed to you when you start a lesson. I don't know how they do it, but it's certaily possible.
◧◩
5. hacker+Bt[view] [source] [discussion] 2023-05-12 10:11:59
>>averev+l3
not everyone will do this though. security is meant for the idiot users
[go to top]