Start a new topic

API Key Access Levels and IP Whitelisting

Would like to have the current API keys whitelistable by IP address (IE only certain IPs are permitted to use certain keys) as well as a manager for the keys to distribute multiple keys for multiple addresses. Would help in maintaining the security of the keys in case of a leakage/breach.

Also, each individual API keys should have permissions. In a manager of some sort, the company should be able to choose what API keys are permitted to do what (IE user-to-user transactions, company-to-user transactions, user creation). This would allow for more flexible/micro-service based backend software architecture.

2 people like this idea
Login to post a comment