3

In Parse.com Rest API documentation it says this:

You should not use the REST API Key in client apps (i.e. code you distribute to your customers). If the Parse SDK is available for your client platform, we recommend using our SDK instead of the REST API. If you must call the REST API directly from the client, you should use the corresponding client-side Parse key for that plaform (e.g. Client Key for iOS/Android, or .NET Key for Windows/Xamarin/Unity).

In my retrofit api I have the following code with header:

  @Headers({"X-Parse-Application-Id: " + ParseEndPointConfig.PARSE_APPLICATION_ID, "X-Parse-REST-API-Key: " + ParseEndPointConfig.PARSE_CLIENT_KEY})
  @POST("classes/Xxx")
  Observable<XxxParseObject> createXxx(@Body XxxParseObject circle);

As stated in the docs, using Rest Api Key is not recommended. It is suggested to use Client key for Android. How should the header look like if I used Client key for authentication? Is there any example on using Client key instead of Rest Api key for client side applications?

Improve this question

1 Answer 1

Reset to default
1

Short answer: use the header X-Parse-Client-Key in your REST call.

Full explanation: When you look at the Parse REST docs, you frequently see examples like this:

curl -X POST \
  -H "X-Parse-Application-Id: ${APPLICATION_ID}" \
  -H "X-Parse-REST-API-Key: ${REST_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{"score":1337,"playerName":"Sean Plott","cheatMode":false}' \
  https://api.parse.com/1/classes/GameScore

Note how the parse headers start with X-Parse-. I previously needed to figure out how to use dotNET key for parse-push-plugin. On a hunch, I searched the dotNET SDK for X-Parse-, and found the header to be X-Parse-Windows-Key.

Doing the same thing with the Java SDK, you would find the following declarations in ParseRESTCommand.java

static final String HEADER_APPLICATION_ID = "X-Parse-Application-Id";
static final String HEADER_CLIENT_KEY = "X-Parse-Client-Key";
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.