โ10-20-2021 10:46 PM
We are using the Recipe Lifecycle Management APIs for our CI/CD process. However, as you all know the API key (from Settings) not only gives access to the RLM APIs, but to all the other Workato APIs (essentially all recipe ops), which essentially is very powerful.
Any ideas on how we can limit the exposure? IP Whitelisting for the API key, the same as we have in the API Platform? Or limit the exposed APIs and have multiple keys?
Anyone from Workato with any suggestions? Tridivesh Sarangi , Deven Maru
โ10-21-2021 04:27 AM
Agree on broad scope of the single key giving access to all APIs. We have scoping feature in the roadmap where you will be able to generate multiple keys for different sets of features. Let me look into the details and the plan.
Best,
Deven