Can SkyCrypt allow users to provide the own API keys

[nstringham]

this is related to SkyCryptWebsite/SkyCrypt#795

I was wondering, If SkyCrypt allows the users of the SkyCrypt API to provide their own API key then Skycrypt would get data from the Hypixel API using the API key provided by the user and do all of our processing to make it easier to use, then cache it and send the results to the user. Would that be considered trying to abuse the API by bypassing the API limit?

here is some pseudocode of the scenario

user makes a request for a profile and includes a Hypixel API key
if the cache contains requested profile with recent timestamp
    respond with profile from cache
else
    fetch profile from Hypixel API using Hypixel API key provided by user
    process the profile
    respond with the processed profile
    add the processed profile to cache

[nstringham]

@ConnorLinfoot are you able to answer this question?

[ConnorLinfoot]

Unfortunately no, this is not a use case we can allow. There are two issues with something like this;

• Firstly, as you would expect is the rule of using multiple keys to bypass limits. This falls directly upon this as your service would in fact be using multiple keys for this purpose, and as a result, our systems would likely detect this and handle it accordingly.

• Second, is the security issue of this. Users shouldn't be sharing their API keys with 3rd party services, as these keys should be kept private. While at this time the keys are read-only and only would allow for limit bypass with these keys, this could change in the future. (We have nothing strictly planned at the moment, but its always worth keeping this in mind)

[nstringham]

thanks for clarifying

[mdashlw]

While at this time the keys are read-only and only would allow for limit bypass with these keys

Linking your account to hypixel.net is done via api key