Project

General

Profile

Actions

User story #5798

closed

Different access levels for API keys / REST API authorizations and rights

Added by Florian Heigl about 10 years ago. Updated almost 7 years ago.

Status:
Rejected
Priority:
N/A
Assignee:
-
Category:
API
Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

It would be very very helpful to assign permissions to API keys.

  • The most important piece would being able to create ones that only have readonly access.
  • use normal user levels
  • allow accepting nodes only
  • allow access depending on origin of the caller (localhost, trusted networks, ...)

One very heartwarming bonus would be to be allowed to skip validation / change requests for API based accesses (by token)
Audit log doesn't need to be skippable ;)


Related issues 4 (1 open3 closed)

Related to Rudder - User story #6193: Add a command to create api tokenRejectedActions
Related to Rudder - User story #8183: Add a more detailed status API with component statusNewVincent MEMBRÉActions
Related to Rudder - User story #10678: REST Api authorization management by rolesRejectedActions
Is duplicate of Rudder - User story #5627: Readonly API or otherwise restrictable API AccountsReleasedFrançois ARMANDActions
Actions

Also available in: Atom PDF