What's the recommended way to generate access keys for my customers?

Question

Our users are developers that use our SDK in their apps. We need to generate a possibly set of access keys that they use to initialize our SDK.The SDK is on their client-side so these access keys must be public.An example of this might be the config keys that Firebase uses in their service.

_448 · Accepted Answer

Use secure hash algorithms to generate the access keys. Input could be a username+timestamp+long_secure_random_bytes. Then run it through base64 encoding.OpenSSL will provide you functions for generating secure random bytes as well as secure hashing functions.

verdverm · Answer

Think of it like a password or APIkey, how do you handle these?Most people generate a (crypto) random string. (not blockchain)

What's the recommended way to generate access keys for my customers?

Our users are developers that use our SDK in their apps. We need to generate a possibly set of access keys that they use to initialize our SDK.
The SDK is on their client-side so these access keys must be public.
An example of this might be the config keys that Firebase uses in their service.

Use secure hash algorithms to generate the access keys. Input could be a username+timestamp+long_secure_random_bytes. Then run it through base64 encoding.
OpenSSL will provide you functions for generating secure random bytes as well as secure hashing functions.

Think of it like a password or APIkey, how do you handle these?
Most people generate a (crypto) random string. (not blockchain)