tl;dr: use a recommended safe hashing algorithm for hash-based tokens/secrets.
When you are using an API, your client will be the one making requests to it. If you are writing an application that uses third party APIs, then make sure that you understand how they handle brute force attacks and what kind of protection they provide against them
https://t.co/FhID2Nul9G