Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
The Sun's Anvil
Jednota Inc
12
|
Posted - 2015.05.25 12:18:16 -
[1] - Quote
How is it different from character APIs? Is it safe? |
L'ouris
Have Naught Subsidiaries
279
|
Posted - 2015.05.25 14:38:22 -
[2] - Quote
Crest is the api for the Eve servers.
If you have a programming sort of inclination, it allows you to pull all sorts of data from the eve universe, including character info your calling the character API.
It's all read only so yes it's safe. Some folk are concerned about giving other folk the ability to see what market orders, assets and Eve-mails they have however as a privacy thing.
Many don't care and the character data pulled through crest is used for many more automated alliance and corp web driven tools by organizations in the game, including but not limited to authentication on org voice servers.
Crest is rather big as a topic and has its own dev blogs and forums to discuss leveraging it. |
The Sun's Anvil
Jednota Inc
12
|
Posted - 2015.05.25 17:04:22 -
[3] - Quote
Thanks. I guess what made me second guess it was not the character info, but the fact that it prompts you for your actual login name/pass. |
ShahFluffers
Ice Fire Warriors Snuffed Out
8073
|
Posted - 2015.05.25 19:07:33 -
[4] - Quote
The Sun's Anvil wrote:Thanks. I guess what made me second guess it was not the character info, but the fact that it prompts you for your actual login name/pass. Its possible I suppose for 3rd party tools to abuse that? The API is a "one-way-only" deal.
Even with a "Full-API" key, people can only see your character information, his/her stats (including market and industrial activities), and mail within the game.
They cannot affect your account... see your payment info... or really change anything for that matter.
edit: if any third-party site or application asks for your log-in information... DO NOT provide it. Only use those things on official CCP or EVE Online sites.
THAT SAID...
... people can use the info they gather from the API to see who you are associated with, what kinds of deals or tactics you have made (if you put that info in your in-game mailbox), where you are basing out of, what your skills are like, what ships you have, etc. This info can be accessed as much as desired until you delete the key in your API management.
... being on a killboard does not require an API or your permission. Someone simply needs to kill you.
How did you Veterans start?
The Skillpoint System and You
|
The Sun's Anvil
Jednota Inc
12
|
Posted - 2015.05.25 19:13:42 -
[5] - Quote
You're referring to API key. I was mainly asking how CREST differed from API key and what the risks are of entering your actual login info when a 3rd party tool prompts...which I would think, unlike an API key, could in fact be captured and used to access your account proper, or am I just way too paranoid here? |
Tau Cabalander
Retirement Retreat Working Stiffs
4907
|
Posted - 2015.05.25 20:47:15 -
[6] - Quote
The Sun's Anvil wrote:How is it different from character APIs? Is it safe? https://developers.eveonline.com/resource/crest
This is really a topic for the EVE Technology Lab forum. |
Elena Thiesant
Sun Micro Systems
1676
|
Posted - 2015.05.25 21:27:19 -
[7] - Quote
It's the EVE Online Single Signon facility, not strictly CREST. Crest uses single signon, not the other way around.
http://community.eveonline.com/news/dev-blogs/eve-online-sso-and-what-you-need-to-know/ |
Bloemkoolsaus
Viperfleet Inc. Official Winners Of Takeshi's Castle
190
|
Posted - 2015.05.26 11:15:26 -
[8] - Quote
The Sun's Anvil wrote:Thanks. I guess what made me second guess it was not the character info, but the fact that it prompts you for your actual login name/pass. Its possible I suppose for 3rd party tools to abuse that?
That is the eve sso (single sign on) as linked above me. 3rd party tools can not get your login info throuh sso or crest. Only that wich you choose to enable through crest is exposed.
The sso and crest are a replacement for the api keys. We will no longer need to create and maintain the cumbersome api keys. |
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
5292
|
Posted - 2015.05.26 11:34:17 -
[9] - Quote
Right now, CREST doesn't provide any data which isn't public (on TQ)
In the nearish future, it will start to present historical character data (like how much damage you did with lasers over the last year, how much Veld you mined, and so on). This will require you to approve the specific scope when it's requested.
In much the same way as, if you were to log into something using twitter, you have to approve the list of things it wants to be able to do. (read tweets, post tweets, etc)
As long as you, when logging into the SSO or CREST (CREST is an expansion of the SSO) check that the url is an eveonline.com one, you're pretty much safe. Don't trust applications which ask for your details, only trust the website. (A properly done app will throw you out to the browser to auth, then come back)
Woo! CSM X!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
Kale Freeman
Dirt 'n' Glitter
45
|
Posted - 2015.05.26 12:09:20 -
[10] - Quote
Or at least throw you out to an application that looks like a browser. |
|
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |