Jump to content

Ben Claussen

Members
  • Posts

    8
  • Joined

  • Last visited

Everything posted by Ben Claussen

  1. Correct, we have automated systems not capable of using the WinApi, and global API keys are not appropriate for our security policy. If a single key were compromised in any way, then we would need to touch every system that was using it... rather than simply revoke/generate a single key for a single service.
  2. It would be greatly beneficial to have more flexibility with API keys, specifically the ability to grant users one or more API keys that could expire, be RW or RO, and possibly named. The attached screenshot is from an IP Address tracking system named "Netbox." In my opinion, it has a fantastic API setup with all of the options I mentioned above. The API key is passed with the REST request in the Authorization HTTP header.
×
×
  • Create New...