Am I supposed to publish my Spotify API key in an open source app?

Question

I have created a simple app, script almost, that backs up playlist contents (just song titles/etc., not the music) off Spotify. It uses libspotify. I want to publish the source; I wonder what the approach is for API keys in this case? Without the API key, if the user is required to provide it in some header file, the app becomes useless to most people.

Answer 1

I believe their approach in your case would be that you should publish the code but have your key stored safely in a directory outside the published code. That way, anyone using your code will have to get their own application key. If you release your app in binary form they are OK with it being compiled into the application.

There's a thorough response at https://stackoverflow.com/a/15885844, complete with a sweet car analogy and all. :-)