Eratos Development Key Recommended Practice
Following best practices with your Eratos Development keys is crucial to keeping your account secure. By design, both methods described below will mitigate possible vulnerabilities.
Key vulnerabilities
- Sharing the screen with Development keys visible during web call, someone screenshotting your keys
- Sharing a file that includes your keys
Method 1: Inputting your Development keys when you run your script
This is a safe secure method but can become tedious in the long term, for long-term development use we recommend reading your credentials from a file.
from getpass import getpass
from eratos.creds import AccessTokenCreds
from eratos.adapter import Adapter
eratos_id = getpass('Enter the eratos key id:')
eratos_secret = getpass('Enter the eratos secret:')
ecreds = AccessTokenCreds(
eratos_id,
eratos_secret
)
eadapter = Adapter(ecreds)Method 2: Reading your Development Keys from a file
Reading data from files is a common practice in development that allows the data inside a given file to be accessed when the script is executed. In this case, your development keys are pulled into your script from a file that is not being actively viewed on-screen to enable your specific access to Eratos.
This is a safe and secure method that can safely live at the top of all your Eratos Labs scripts, enabling your credentials to be read automatically every time you run the script, removing the risk of both key vulnerabilities above.
import json
f = open("PATH_TO_CREDS_AS_JSON_FILE")
# returns JSON object as
# a dictionary
data = json.load(f)
ecreds = AccessTokenCreds(
data['key'],
data['secret']
)
eadapter = Adapter(ecreds)Updated 8 days ago