Authentication

Security considerations

It's understandable to not trust some new and unknown service with your API key. If there was another way to demonstrate an integration with Browserless I would add that as an option, but as the only documented way to access Browserless' service is using the API key token, this limits the options for you trying SocketPuppet without feeling scared about exposing your API key token. Which is completely understandable. Also I would prefer to not have any touchpoints on that API key token at all to limit my company's exposure in the event of a breach. In any case, the integration is cool enough and I want it enough that I'm choosing to engage with the risk and provide Browserless' hosted service as an integration anyway.

There are multiple options for using SocketPuppet with Browserless or BrowserStack, some more secure than others, each having a somewhat different risk profile.

FAQ

I don't want to give you my Browserless API key token, but I want to try this. What can I do?
It's understandable. Try one of the options above for masking your API key token.