I'm working on a plugin for the Beets CLI music library application that fetches fanart upon import.
I wanted to use the V3 api and support using personal API keys.
However, when I generate an API key from https://fanart.tv/get-an-api-key/ and try and use it in a request, I get back the following response:
Is there a delay in the personal API key becoming valid or is this a bug with generation?
Thanks
---------------
Edit:
OK, I think I found the issue.
Is is true that an api_key is always required and that comes from Project API Keys?
And if a user wants to use a personal api key, I should append that to the query string as a client_key?
Yeah, it think it is true that you have to append the client key to the query string (I've also run into this when plugging my personal key in the XBMC addon:P).
Note: I'm in no way anything near an admin, but far as my understanding goes for API's, it is a common practice to assign different keys to different applications that want resources from i.e. a site like fanart.tv.
One of the benefits from this is that a site administrator can track statistics for different applications (see those post of API-calls by Kode). In case of extraordinary traffic, or violation of the terms and conditions of the API (such as not mentioning this site in this case, if I recall them correctly), an app's access can be simply revoked by revoking the specific API-key.
I reckon this is a functionality they would not want to lose and if each user had his own key, it would quickly become a terrible mess, I'm sure. (You would need to figure out which users use an app which violates the terms of use and then ban those keys... A rather cumbersome approach if at all possible.)
Therefore, with the new API they introduced an extra parameter for users (clients) the identify themselves with the site via an app. This retains the possibility to track different apps, but also allows for applying different perks based on user class (additionally, this is far more secure than a user inputting their login details in an third-party program).
So, based on this I'd say that the personal API ('client_key') in no way substitutes a program API ('api_key'). The former is optional, but the latter is mandatory.
