Better security with fine grained API permissions

enlm · October 29, 2023, 4:46am

Instead of general API key for all functions, can we generate API key that can only be used for certain function like create TXT record with particular name such as for ACME challenge? That API key can’t do anything else than what it was created for.

peter · October 30, 2023, 2:23pm

This is tracked here: api: Scoped tokens · Issue #347 · desec-io/desec-stack · GitHub

Stay secure,
Peter

564656963 · December 17, 2023, 12:12pm

The feature is implemented now: