Improved Security and Performance with Read-only API Key and Cache

Improved Security and Performance with Read-only API Key and Cache


2 min read

We are proud to announce that the most useful features have been released today: Read-only API Key and Cache. These updates make Sheetson API more secure and much faster than previous version.

Read-only Key

With this new feature, you can now safely expose your API key within your source code with no worry about data manipulation by unauthorized persons. It is now generally available for free and paid plans.

You will now see a new API Key (Read-only) option in the console which is blank by default. You will need to click on Generate icon to enable it.

API Key (Read-only)

Only GET requests using this API Key will return data. All other methods would receive a 405 Not Allowed error code.

Faster Response

In order to enhance API speed, we have implement caching which lasts for 8 hours for all GET requests. When the request returned for the first time we store its results in cache to serve subsequent requests. With this behavior the execution time is 2x-10x faster which is around 400~700ms for cached responses.

When making changes to the sheet's data by POST/PATCH/DELETE operations, we invalidate the cache and the next GET request would serve directly from Sheets API.

Currently, there's no way to invalidate cache when you update via the Google Sheets UI yet. A new update would address this issue automatically. To always get the latest data from the API, you can also pass no-cache=true parameter in the URL.


We would love to hear your thought on new ideas. Please ping us at Twitter here @sheetson