Closed TimoAtMUV closed 5 months ago
@TimoAtMUV Yes this is a valid request. This issue should be located at https://github.com/balena-io/open-balena-api/issues as this is the place where the API keys are managed. Right now the open-balena-api is not supporting (fleet) scoped API keys. Eventually this feature will be implemented.
Thank you for the response, I close it and open a new Issue at https://github.com/balena-io/open-balena-api/issues
An API token for the Balena cloud is very powerful and anyone who has the API key can have a big impact on devices, e.g. update all environment variables of all devices, it would be great if we could restrict an API key to a subset of fleets.
This would make development cycles much more secure. => Limit an API key to a staging fleet.