Support multiple API keys per user

NEW
Unassigned

Status

3 years ago
3 years ago

People

(Reporter: mstriemer, Unassigned)

Tracking

Details

(Reporter)

Description

3 years ago
We should allow users to provide a name for an API key and support multiple active API keys.

With multiple API keys you can use a different key for each app/computer which makes it easier to recover if a key gets compromised (just change one key).

If we support multiple API keys we shouldn't need to let a user see an old secret as is suggested in bug 1212959 since they can generate a new one instead.

Updated

3 years ago
Blocks: 1206158
Summary: Support multiple API keys per user → Support multiple API keys per user and one-time secrets
> we shouldn't need to let a user see an old secret ... since they can generate a new one instead

The UX needs to be very clear on key creation that the secret will never be seen again.
To keep things moving forward, it may be easier to implement this bug in two passes: 1) allow management of multiple keys, 2) only show secrets once. Whatever is easiest.

Comment 3

3 years ago
I agree, this looks like something that should be split up into two bugs. I created them here: 1216223 and here: 1216241.
Summary: Support multiple API keys per user and one-time secrets → Support multiple API keys per user
the part of showing the API secret once is bug 1216241
Duplicate of this bug: 1216223
(Assignee)

Updated

3 years ago
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.