uakfdotb
commented
9 years ago I'm thinking something like this: for IP, comma-delimited list of IP addresses or CIDR notation blocks. for IP restrictions, JSON-formatted list of path/method pairs (both path and method can contain wildcards).
Users should be able to restrict their API key to only be accessible from certain IP addresses, and also to limit the actions that can be used.