I have been making requests to TMDb from the client using the API Key until now, however, I don't think that's very secure.
All my application needs is to read some data, e.g., get popular movies or search for a TV Show. I thought about making these requests server-side, then sending the data to the user, however, I would like to make the requests directly from the client-side.
Should I use a Guest Session for this? Where I would request for a guest_session_id to my server, and than use that guest_session_id from the client to make all the requests to TMDb? If so, where could a get more information about the IP liimts?
The documentation for getting popular movies, for example, only talks about using the api_key field to make requests, so I wonder if there's another way to get that data client-side without exposing the API Key?
Sorry if duplicate, I couldn't find another question related to this. Thanks in advanced.
Can't find a movie or TV show? Login to create it.
Want to rate or add this item to a list?
Not a member?
Reply by ticao2 š§š· pt-BR
on August 12, 2022 at 12:14 PM
I believe it is the Token feature.
You will need to use API v4 combined with API v3.
I personally do not use or know how this feature works.
I suggest starting to understand how it works by reading the instructions on these pages.
https://developers.themoviedb.org/3/getting-started/authentication
https://developers.themoviedb.org/3/authentication/how-do-i-generate-a-session-id
https://developers.themoviedb.org/4/getting-started/authorization