[ckan-dev] Public API key from test-user.
Mark Wainwright
mark.wainwright at okfn.org
Tue Dec 17 11:25:52 UTC 2013
This made me wonder whether changing my password also causes my API
key to change. A quick test suggests it doesn't.
Should it? Or should there be (or is there) some other way of changing
my API key if I think it's compromised?
Mark
On 17/12/2013, Nigel Babu <nigel.babu at okfn.org> wrote:
> Hi Henrik,
>
> I'm not sure this is a good idea. Publishing the API key would let them
> change everything a normal user has permissions for, like changing the
> user's password or email.
>
> Nigel Babu
>
> Developer | @nigelbabu <https://twitter.com/nigelbabu>
>
> The Open Knowledge Foundation <http://okfn.org/>
>
> Empowering through Open Knowledge
>
> http://okfn.org/ | @okfn <http://twitter.com/OKFN> | OKF on
> Facebook<https://www.facebook.com/OKFNetwork> |
> Blog <http://blog.okfn.org/> |
> Newsletter<http://okfn.org/about/newsletter>
>
> CKAN | http://ckan.org/ | @CKANproject
> <http://twitter.com/CKANproject> |the world’s leading open-source data
> portal platform
>
>
> On 10 December 2013 17:17, Henrik Aagaard Sørensen <BU1G at tmf.kk.dk> wrote:
>
>> Should there be any conserns publishing an API-key from a simple user
>> without any admin-rights etc.?
>>
>>
>>
>> I would like to public various example on use of the API, this would
>> include the API-key in Javascript-files.
>>
>>
>>
>> _______________________________________________
>> ckan-dev mailing list
>> ckan-dev at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/ckan-dev
>> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-dev
>>
>>
>
--
Business development and user engagement manager
The Open Knowledge Foundation
Empowering through Open Knowledge
http://okfn.org/ | @okfn | http://ckan.org | @CKANproject
More information about the ckan-dev
mailing list