License Key
Please, introduce in this field the license key for your native app. You can find it in the license dashboard. If you have multiple licenses for different forums, make sure you introduce the right one.
This license key will be used that you are a legitimate user of the addon and the native client apps, and if you don’t introduce the license key here or the license key is wrong, your native app may not work.
Guest Api Key
For the addon to work, you have to create two keys: a key that will be used for the not logged in users, and a key that will be used for the logged in users, that can post messages to the forum.
For the guest API key, navigate to Setup->Api Keys-> and Add a new API key, called “Guest API key” (or something similar).
Please make sure that this key has the only the following allowed scopes and that the key is active:
- attachment:read
- auth
- conversation:read
- node:read
- profile_post:read
- thread:read
- user:read
Save the key, copy and paste it in the Guest api key option of the addon.
Super User Api Key
Now create a new key, call it “Superuser API key” or something similar, and make sure that it has enabled “All Scopes”, and is active.
Please copy and paste this key in the Super User Api key of the addon.
How are the keys used in the app?
And the answer is, that the keys are not used in the app. The keys never leave your server and are not stored or used in any way in the client apps.
We use a custom method to authenticate the app requests with the addon/your xenforo installation. After that, the keys are used internally by the addon to perform operations on behalf of the user.
If you feel insecure you can always generate the api keys again and replace them in the addon settings.
The API keys should NEVER leave your service, and you should NEVER give an API key to third party users, especially a superuser API key.
