1 Topic by Kawaii

  • Kawaii
  • Kawaii
  • Member
  • Offline
  • From: Cyberia
  • Registered: 2016-02-15
  • Posts: 24

Topic: Feature Suggestion: API Keys

In addition to two-factor authentication I would also like to suggest the addition of API keys as opposed to credential authentication for the iRedAdmin-Pro API.

Global or domain admins could have a special option within iRedAdmin-Pro to generate API keys for their account. I feel that this is better than saving account credentials within our website code. smile

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

Kawaii's Website

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Feature Suggestion: API Keys

What's the difference between leaking account credential and the API keys? Cracker can access iRedAdmin-Pro either way.

3 Reply by Kawaii

  • Kawaii
  • Kawaii
  • Member
  • Offline
  • From: Cyberia
  • Registered: 2016-02-15
  • Posts: 24

Re: Feature Suggestion: API Keys

ZhangHuangbin wrote:

What's the difference between leaking account credential and the API keys? Cracker can access iRedAdmin-Pro either way.

API keys can be quickly revoked without the need to change the account password. smile

Kawaii's Website