This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Securing the Account API key

mroldanvega
Executive Chef I
Executive Chef I

โ€Ž10-20-2021 10:46 PM

We are using the Recipe Lifecycle Management APIs for our CI/CD process. However, as you all know the API key (from Settings) not only gives access to the RLM APIs, but to all the other Workato APIs (essentially all recipe ops), which essentially is very powerful.


Any ideas on how we can limit the exposure? IP Whitelisting for the API key, the same as we have in the API Platform? Or limit the exposed APIs and have multiple keys?


Anyone from Workato with any suggestions? Tridivesh Sarangi , Deven Maru

0 Kudos
1 REPLY 1

deven-maru
Workato employee
Workato employee

โ€Ž10-21-2021 04:27 AM

Hi Manuel Roldan-Vega


Agree on broad scope of the single key giving access to all APIs. We have scoping feature in the roadmap where you will be able to generate multiple keys for different sets of features. Let me look into the details and the plan.


Best,

Deven

0 Kudos
Copyright © 2024 Khoros, LLC