User story #8304

closed

Generated API tokens are still visible in the settings after initial generation

Added by Matthieu CERDA almost 8 years ago. Updated 9 months ago.

Status:
Rejected
Priority:
4
Category:
Security
Target version:
-
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:
No

Description

In current API applications that follow best practice, creating a new API key goes as follows:
  • The user asks for a new API token generation and enters some details
  • The application displays a pop-up giving the token / secret / ... and warning about the fact that it will be displayed only once
  • The user validates after copying the token and the token is created.

The token, after initial generation or renewal, is never displayed again and only known to the application itself and the user that created / renewed it. The only way to access it is to create another one or renew it, invalidating the first one.

This is a key security feature, preventing any impersonation of an API user (especially important when there is no read / write / read-write restriction on the tokens) and inviting users to create personal or project-related tokens instead of having everyone use the same easily accessible token, which basically violates the non-repudiation paradigm.

We should do the same, by adding a pop-up at token creation / renewal with the "displayed only once" warning and never displaying the tokens.
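One way to implement the flow described above, as an added example that is not Rudder's own code: the token is returned in plaintext exactly once at generation, only its hash is stored, authentication compares hashes, and renewal invalidates the previous token. The store class, method names and the choice of SHA-256 are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional


class ApiTokenStore:
    """Keeps only token hashes; the plaintext is handed out once and never stored."""

    def __init__(self) -> None:
        # Maps hex SHA-256 of the token -> owning user (assumed schema for the example).
        self._records: Dict[str, str] = {}

    @staticmethod
    def _hash(token: str) -> str:
        # Tokens are high-entropy random strings, so a plain hash is enough here;
        # no salt or slow KDF is needed as for user-chosen passwords.
        return hashlib.sha256(token.encode()).hexdigest()

    def generate(self, user: str) -> str:
        """Create a token for `user`, replacing any previous one.

        The returned plaintext is the only copy; the UI shows it once with the
        "displayed only once" warning and then discards it.
        """
        token = secrets.token_urlsafe(32)
        # Renewal invalidates the user's earlier token.
        self._records = {h: u for h, u in self._records.items() if u != user}
        self._records[self._hash(token)] = user
        return token

    def authenticate(self, presented: str) -> Optional[str]:
        """Return the owning user if `presented` matches a stored hash, else None."""
        candidate = self._hash(presented)
        for stored_hash, user in self._records.items():
            # Constant-time comparison of the hashes.
            if hmac.compare_digest(stored_hash, candidate):
                return user
        return None

    def list_for_settings(self, user: str) -> List[str]:
        """What the settings page may show: a hash prefix per token, never the token."""
        return [h[:8] for h, u in self._records.items() if u == user]
```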


Related issues (1 closed, 0 open)

Is duplicate of Rudder - Architecture #23234: Hash API tokens (Released, François ARMAND)