DigitalOcean home
  • Droplets
  • Spaces
  • Kubernetes
  • Tools & Integrations
  • One-click Apps
  • API Documentation
  • Community
  • Tutorials
  • Q&A
  • Projects
  • Meetups
  • Customers
  • Pricing
  • Docs
  • Support
  • DigitalOcean home
  • Products
    • Droplets

      Scalable compute services.

    • Spaces

      Simple object storage.

    • Kubernetes

      Run managed Kubernetes clusters.

    • Tools & Integrations

      Automate your infrastructure.

    • One-click Apps

      Deploy pre-built applications.

    • API Documentation
  • Customers
  • Community
    • Community Overview

      Connect, share and learn

    • Tutorials

      DevOps and development guides

    • Questions & Answers

      Development and systems Q&A

    • Projects

      Community-built integrations

    Get Involved
    Write for DOnations
    Join us at a Meetup
    Featured Post
    An Introduction to Kubernetes

    by Justin Ellingwood

  • Pricing
  • Docs
  • Support
    • Documentation

    • Contact Support

    • Network Status

  • Home /
  • DO-I-7 /
  • New idea
70 Vote

Restrict API personal access token to a specific project

API personal access tokens appear to be global rather than project specific.

Please add options for 'global' or 'project' to API tokens.

e.g. a development project token should not have access to the production project.

  • Guest
  • Sep 11 2018
  • Planned
Developer API
  • Comments (2)
  • Votes (70)
  • Merged ideas (3)
  • Attach files
  • Daniel Holst commented
    18 Jun, 2020 07:51am

    Any ETA on this?, we're starting to get a good amount of projects running, and it is a bit scary having one API key to rule then all

    ×

    Attachments Open full size

  • Honza PoboÅ™il commented
    3 Jun, 2020 09:38am

    Also it will be helpful to be able to limit access to all resources groups. Not needed to have it complex like AWS ARNs, but I would use ability to e.g. create key what can update DNS records on one specific domain.

    ×

    Attachments Open full size

  • +18
  • 17 Vote

    Project-specific API keys Merged

    I'm currently setting up a wildcard Let's Encrypt cert and it needs an API key so it can do its thing with the DNS records of my domain. But to do this I need to give it access to my whole account! It goes against the most fundamental security pri...
    Created 8 Jul 07:58pm by Guest
    Developer API
    0 Planned
  • 20 Vote

    Generate API keys / access tokens scoped to a given project Merged

    It would be great to be able to generate API keys / access tokens that are scoped to a given project (in addition to specifying the read and/or write scopes).
    Created 10 Nov 10:10am by Nicolas Grilly
    Developer API
    0 Planned
  • 27 Vote

    Restrict API personal access token to a specific project Merged

    API personal access tokens appear to be global rather than project specific.Please add options for 'global' or 'project' to API tokens.e.g. a development project token should not have access to the production project.
    Created 11 Oct 03:32am by Guest
    Accounts
    0 Planned
Log in / Sign up

Identify yourself with your email address

Subscribe

You won't be notified about changes to this idea.

Related ideas

DigitalOcean home

© 2018 DigitalOcean, LLC. All rights reserved.
Proudly made in NY

  • Twitter
  • Facebook
  • Instagram
  • YouTube
  • LinkedIn
  • Glassdoor
Company
About
Leadership
Blog
Careers
Partner Network
Referral Program
Events
Press
Legal & Security
Products
Droplets
Spaces
Kubernetes
Tools & Integrations
One-click Apps
API
Pricing
Documentation
Release Notes
Community
Tutorials
Meetups
Q&A
Write for DOnations
Droplets for Demos
Hatch
Shop Swag
Research Program
Currents Research
Open Source
Support
Contact Support
FAQ
Network Status