I'm unsure how unsafe it is to share an api key with someone who is working on my project. I don't know them very well but they have experience with Clover. Is it normal for someone to request my api key for them to test their script
I'm unsure how unsafe it is to share an api key with someone who is working on my project. I don't know them very well but they have experience with Clover. Is it normal for someone to request my api key for them to test their script
API keys are sensitive and can be used to read/write data depending on the permissions assigned to the token. If the token only has read on orders, it can be used to see all of your business's orders. Is that sensitive to you? A bit more information would be helpful but in general they shouldn't need the token to test their integration (Clover provides a sandbox/test environment for that). But they will need it when they deploy it (assuming they are responsible for that). If they are providing the script to you, and you will be running it or deploying it, they don't need the key.
8 People are following this question.