Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement] Create API keys with parametrable access rights #20533

Closed
SW-Vincent opened this issue Mar 30, 2023 · 2 comments
Closed

[Enhancement] Create API keys with parametrable access rights #20533

SW-Vincent opened this issue Mar 30, 2023 · 2 comments
Labels
duplicate For issues that already existed in our issue tracker and were reported previously. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Milestone
For Prioritization

Comments

@SW-Vincent
Copy link

Api keys currently have the same rights as their owners.
It would be a nice feature to be able to chose what an API key can (and can't) do, just as an administrator can define a user's rights.

Summary

For a lot of users, API keys can represent a security breach : is your API key as well guarded as your passwords ?
For exemple it can be used within scripts for scheduled Google Sheets data exports, and it would be wonderful to reduce the access level of these API keys to read only.

Your Environment

  • Matomo Version: Cloud
@SW-Vincent SW-Vincent added Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. To Triage An issue awaiting triage by a Matomo core team member labels Mar 30, 2023
@sgiehl
Copy link
Member

sgiehl commented Mar 30, 2023

Matomo in general lacks a more granular access model. But having the possibility to assign certain access right to newly created token_auths already sounds like a big improvements. That would at least allow to reduce the access of a token from e.g. an admin user to view access and similar.

@sgiehl sgiehl removed the To Triage An issue awaiting triage by a Matomo core team member label Mar 30, 2023
@sgiehl sgiehl added this to the For Prioritization milestone Mar 30, 2023
@sgiehl
Copy link
Member

sgiehl commented Aug 24, 2023

closing as duplicate of #15368

@sgiehl sgiehl closed this as not planned Won't fix, can't repro, duplicate, stale Aug 24, 2023
@sgiehl sgiehl added the duplicate For issues that already existed in our issue tracker and were reported previously. label Aug 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate For issues that already existed in our issue tracker and were reported previously. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Projects
None yet
Milestone
For Prioritization
Development

No branches or pull requests
2 participants
@sgiehl @SW-Vincent