Web Bot Auth | slacker news

1. nerdsniper ◴[28 Aug 25 20:58 UTC] No.45056961[source]▶

Why use a "web bot" instead of an API? Either can be driven by an AI "agent"...but this just seems like an "API key for a visual api interface", and rather wasteful in cost and resources. If a company could afford to pay a partner for an API key they wouldn't need this. If they can't afford to pay the partner for access -- they'd still be blocked with or without "Web Bot Auth". I don't understand what this is for.

I suspect I'm missing something, what am I missing?

replies(3): >>45057059 #>>45057074 #>>45058300 #

2. observationist ◴[28 Aug 25 21:08 UTC] No.45057059[source]▶

>>45056961 (TP) #

Part of it, at least, is people thinking they've solved some perceived problem and being told by their chatbot that it's a terrific, brilliant new innovation and they should build a whole new protocol spec for it.

3. notatoad ◴[28 Aug 25 21:10 UTC] No.45057074[source]▶

>>45056961 (TP) #

if you already have an api that exposes all the information that your parter who is willing to pay for an API key wants, then sure, that's perfect. but what if you don't have an API, or your API doesn't expose the information that crawlers are looking for? they want to crawl your website, they're willing to pay for the ability to crawl your website, but you don't want to build an API...

i'm sure the next step here will be a cloudflare product that sits in front of your website and blocks all bot traffic except for the bots that are verified to have paid for access. (or maybe that already exists?)

4. mediaman ◴[28 Aug 25 23:45 UTC] No.45058300[source]▶

>>45056961 (TP) #

The website the human sees is the new API.

That's needed because many APIs are either nonexistent or extremely marginal in design and content coverage.