Replies: 1 comment
-
|
Hey this is a great suggestion but I'm going to close this as we need to build permissions for the overall app first before we implement them for API Keys. And Permission is a big/ambitious project we will not yet tackle in the next 6 months (but we will at some point for sure!). Edit: actually, converting this to a discussion |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Scope & Context
Created API key has too much permissions (all of them :)) and can negatively affect security in case of its leakage. It also limits ability to share API token with any kind of 3rd party data providers.
Current behavior
Cannot set the scope for created API key
Expected behavior
Ability to set the scope for created API keys like on e.g. on the Github itself where one could set
read,write,deletepermissions for various API endpoints.For Twenty the example MVP could be to add selectable scopes like
read,create,update,deletefor People/Companies/Opportunities and disable of permissions for other actions.Screenshot for reference:
Technical inputs
N/A
Beta Was this translation helpful? Give feedback.
All reactions