[atlas] Changes to RIPE Atlas API keys
- Previous message (by thread): [atlas] RIPE Atlas Quarterly Planning Q4 2023
- Next message (by thread): [atlas] NTP empty results ('result': [{'x': '*'}])
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Robert Kisteleki
robert at ripe.net
Wed Oct 4 11:58:18 CEST 2023
Dear all, These changes have now been implemented. Regards, Robert On 2023-09-19 12:11, Robert Kisteleki wrote: > > Dear RIPE Atlas users, > > We'd like to update you on some upcoming changes regarding API keys in > RIPE Atlas. > > TL;DR nothing changes regarding how you can use your API keys in the > short term - as long as you're actually using them. However, we'll > change how unused or forgotten keys are handled as well as remove the > less secure in-URL use of them. > > > At the moment RIPE Atlas users can query their existing API keys via the > UI and API, including the possibility to retrieve old keys. In order to > improve the security of how we handle these, we'll introduce the > following changes in October 2023: > > * The listing (retrieval) of keys will only reveal parts of the keys > (enough to identify them) in the API as well as in the UI. > > * We'll add the ability to "regenerate" an API key, which will replace > the secret UUID of the key while keeping exactly the same permissions. > > * Unused API keys will automatically be frozen after 1 year of not being > used. Active keys (i.e. the ones that have been used at least once) will > not be frozen. > > You still have the ability to save your keys until these changes are > done and, as written above, you will be able to regenerate them later. > We'll notify this list when the changes are about to be done. > > > In addition, in order to further increase the security of our system, in > the long run we'll make changes about how these API keys are > communicated to the API: > > * At the moment the API accepts these either in HTTP headers > ("Authorization" header) or in the URL (?key=xyz), although the > Authorization header version has been documented as the preferred > version for some time. > > * We'll deprecate and remove the ability to use the URL form in about a > year (around October 2024). > > * We plan to send further reminders about this change over time, as well > as reaching out to heavy users of the to-be-removed format. > > Regards, > Robert Kisteleki > RIPE Atlas team > > > >
- Previous message (by thread): [atlas] RIPE Atlas Quarterly Planning Q4 2023
- Next message (by thread): [atlas] NTP empty results ('result': [{'x': '*'}])
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]