We should allow users to provide a name for an API key and support multiple active API keys. With multiple API keys you can use a different key for each app/computer which makes it easier to recover if a key gets compromised (just change one key). If we support multiple API keys we shouldn't need to let a user see an old secret as is suggested in bug 1212959 since they can generate a new one instead.
Summary: Support multiple API keys per user → Support multiple API keys per user and one-time secrets
> we shouldn't need to let a user see an old secret ... since they can generate a new one instead The UX needs to be very clear on key creation that the secret will never be seen again.
To keep things moving forward, it may be easier to implement this bug in two passes: 1) allow management of multiple keys, 2) only show secrets once. Whatever is easiest.
I agree, this looks like something that should be split up into two bugs. I created them here: 1216223 and here: 1216241.
Summary: Support multiple API keys per user and one-time secrets → Support multiple API keys per user
the part of showing the API secret once is bug 1216241
Duplicate of this bug: 1216223
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.