Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API key security and recoverability #335

Open
josh-chamberlain opened this issue Jun 22, 2024 · 0 comments
Open

API key security and recoverability #335

josh-chamberlain opened this issue Jun 22, 2024 · 0 comments
Labels
api v2 For v2 release

Comments

@josh-chamberlain
Copy link
Contributor

Context

Having a permanent API key be unencrypted in the database is probably a security hole.

Requirements

  • We should store a hashed version of API keys in the database.
  • We should also have a way, using secrets kept in keybase, to regenerate an admin API key in the future. We should then document that process in notion dev docs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api v2 For v2 release
Projects
Open issues & Roadmap
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
1 participant
@josh-chamberlain