Scoped API Access
When creating an API token, allow fine grained scoped control. An example use case is, when using LetsEncrypt to generate your certificates, you can perform a DNS challenge to authenticate control of the domain. This adds a TXT record to your domain, confirming you have access to that domain. You currently need to give your "god-mode" API token to do this using DigitalOcean. With scoped access, you could create an API token with "dns:modify" and that's all that API token would be allowed to do. This would reduce the attack surface if the API token gets leaked from your droplet.
Need to transfer droplet to teams
You need to be able to fully transfer droplets and spaces from user accounts to teams. Crazy that you can't!!!
Transfer app to other User or Team
As people build services for clients, usually they start off with a PoC etc, and use their own company account. But when they want to transfer this away, and to the end client - it is not possible. It would be really nice to be able to transfer an entire App and also an entire Project. Thanks!
Move projects into other teams
As it is, only snapshots are able to be moved into/out of teams. Over the lifecycle of a project, it could evolve to include more people turning it into a team. We need to be able to move domains, spaces, droplets into a team without having to download tens of gigs of data from a space or sacrificing an IP reservation.
Avatar for teams
User avatars are managed by Gravatar, but teams avatars can't be customized. Would be great to be able to upload them.
Night mode for Dashboard.
Really easy, but simple. On the dashboard, enable a switch so the user can switch to a black or dark grey background for evening work so it's a bit easier on the eyes.
Add support for recurring PayPal payments.
I use Discover for almost everything, which you all do not accept. Using PayPal to support recurring payments would allow me to use this method of payment without having to place a deposit down every couple months.
Adding phishing proof passwordless authentication with #FIDO2/#WebAuthn and #U2F
Hey guys. I am Yuriy. An engineer from FIDO Alliance. You probably heard about us. We are the organisation behind U2F protocol that Google reported killed employee phishing: https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing . Our organisation have developed secure, seamless, phishing proof, passwordless authentication standard called FIDO2. Or some people may call it WebAuthn. WebAuthn is the JS API part in the browsers of the FIDO2, and it is supported by Chrome, Edge and Firefox. I was happy customer of yours for many years and I felt like you guys so great and innovative, that adding FIDO2 support to your multifactor authentication instead of TOTP would be a great idea, since TOTP is succeptable to phishing. We have a tutorial https://slides.com/fidoalliance/jan-2018-fido-seminar-webauthn-tutorial I wrote blog posts on attestation and assertion verification: https://medium.com/@herrjemand/verifying-fido2-responses-4691288c8770 We have a stories a good deployment stories: https://engineering.linecorp.com/en/blog/fido-at-line/ And we have a helpful and friendly community that will be able to help you if you stuck *) Regards. Yuriy
Create a mobile optimized control panel or iPhone/Android app
One thing i love about Linode and Rackspace is that i can always quickly check my server stats from my mobile phone. I would love to have an app that shows me (in descending order of importance): * List of Droplets with all meta info (name, image, size, IP address, Running or not ...) * Buttons for: * Reboot * Resize * Snapshot * Backup * Create from scratch/ from image * Bandwidth usage for the current month * Charges for current month / account balance * Digital Ocean stats (is everything in the network ok?)