2 Questions: Can't get a valid JSON, API KEY
Shaked
1)
I`m trying to hit:
http://api.songkick.com/api/3.0/events.json?apikey=APIKEY&artist_name=radiohead
When I get the results I keep getting:
SyntaxError: Unexpected token :
arguments: Array[1]
0: ":"
length: 1
__proto__: Array[0]
get message: function getter() { [native code] }
get stack: function getter() { [native code] }
set message: function setter() { [native code] }
set stack: function setter() { [native code] }
type: "unexpected_token"
__proto__: Error
I`m using the same code like you guys did in your API docs. I tried to
copy the results manually and just create an object but I then I got
the same error.
Any ideas what went wrong? is it me or maybe something returns wrong?
2) I read your TOU document, and I didn't understand one thing:
You wrote:
"
4.1 All calls to the Songkick API must reference the API Key issued to
you as an approved licensee. You will not share the API Key and any
other authentication details with any third party."
"4.5 This license to use Songkick Data is limited to making direct
server calls to the Songkick API for the Songkick Data and to
distributing the Songkick Data to end users on your website,
immediately upon receipt by your servers. You may not retain any
copies of the Songkick Data, except for the purposes of retaining
cached information for short periods."
Then I checked the examples and saw that I should work with client
side scripts which means that users would be able to see my API key
and just use it for their own good.
Can you please be more specific about this issue?
Thank you for the help!
S
Shaked
Issue #1 is solved, my mistake (forgot to add the callback param)
Still waiting for an answer for issue #2
Thanks!
> http://api.songkick.com/api/3.0/events.json?apikey=APIKEY&artist_name...
Sabrina Leandro
You don't need to use client side scripts with our API, those are
simply examples. However, if you'd like to use Javascript to access
Songkick's API, unfortunately, for client side applications you have
no choice but to expose the API key.
If you ever think that someone might be misusing your api key, let me
know and we can issue a new one. We know security by obfuscation is
not security, but for now, there's no way around it.
Hope that helps
--
Sabrina Leandro
http://www.songkick.com/users/saleandro
Shaked
Sabrina Leandro
On 7 February 2012 20:16, Shaked <pig...@gmail.com> wrote:
> Hey
>
> I would prefer to use server side but I have more then one request to make
> (I can cache but it won't be enough) so it will take too much server time to
> do that.
>
> As for the api key, if I can do that how would you relate to the terms of
> usage? I can't proof that someone "stole" my api key (although lets face it,
> what they can already do?). I understand that currently there's not
> workaround to solve this issue, but maybe you're planning to do that in the
> (near) future?
The exact nature of the technology doesn't allow you to store your API
privately. We understand that's a problem. However, we haven't had yet
any case of others abusing an API key. As a suggestion, you could try
and obfuscate it, declaring it in another file your HTML code
requires.
> And just trying to figure why is the examples are written with JavaScript
> while there's no use for it?
There is definitely use for it, we have many API clients that use
Javascript. That example code is showing how to use JSONP and AJAX
calls, that's why it's in Javascript, but that doesn't mean that's the
only way you can consume our API.
> I don't won't to be annoying, I just think that those things are relevant
> for each developer here...
>
> Thank you for your time
Hope that helps,