Ability to have more then one API Key per environment & Logging as to what key made a request

Cameron Hoffman-Brown

2 months ago
updated 2 weeks ago

It would be helpful from a Security and general searchability point of view if companies were able to have more then 1 REST API Key so they could be assigned to different users/applications. this would allow us to deactivate them individually if something were to happen and they were compromised instead of killing ALL of the API connections. it would also allow us to see what system/person/integration is making a change or requesting data.

Replies 2

Oldest first
Newest first Oldest first

Nicholas Cipriano

3 weeks ago

This would be a huge help for us as well. It would also be really helpful to have the ability to set permissions for the access keys. Example: One access key only supports GET operations. This way we can provide that access key to users and systems that are just using the data for reporting and ensure that there is no way that data can be modified.

Reply Link

2 weeks ago

After more thinking maybe this could be implemented at the "User" Level, add a key to a "User" and have it inherent their permissions.

This way we could create the equivalent of service accounts so we could have a service account for each team or process that needed to be integrated and would make the logging alot easier.