Published: Sunday, Oct 18, 2015 Last modified: Monday, May 27, 2024

In Singapore, the NEA publishes data about air quality in a machine readable format aka an “API”.

Currently they publish it with a key, For example:${NEAAUTHORIZATION-KEY}

The actual current XML payload is worthy of a blog in itself. It has numerous issues.

Firstly, why do they need a key? You can control access to an API by Access-Control-Allow-Origin, maybe the referrer or IP if access is a problem.

And why would access be a problem? The load on an API is far lower than a Website since the API is a fraction of the size & far more efficient.

So please correct me if I am wrong, the current access the NEA PSI API is limited by:

These are artificial barriers to entry that should be removed to streamline a “smart nation” that’s capitalising on information. Please do NOT use API keys.

UPDATE: The workaround is something like this which took me longer to code than I would like to admit. :(