read-only API key

[Jordan Wiens]

I'd like to have the option to have a read-only API key. 

Or, better yet, an API key that I can restrict to specific permissions on specific endpoints. 

It sounds like such a feature does not yet exist but I figured I could start a discussion here about it. A brief search didn't find anything, but apologies if this has been brought up before. 

[Devin Ceartas]

There's certainly nothing stopping you from writing such an API as an
intermediary. I've written read-only web interfaces for clients.

> --
> You received this message because you are subscribed to the Google
> Groups "Stripe API Discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to api-discuss...@lists.stripe.com.
> To post to this group, send email to api-d...@lists.stripe.com.
> Visit this group at
> https://groups.google.com/a/lists.stripe.com/group/api-discuss/.



devin
--
contact info: https://nacredata.com/devin

• Amazing Tie-Dye Tee-shirts: https://www.icedyedesigns.com
• Art/Poetry/Environment: https://secure.extinctionwitness.org/support
• Support progressive climate politics:
https://secure.voteclimatepac.org/donate/
• Forest Protection in Ohio:
https://www.buckeyeforestcouncil.org/donate.php

[Remi J.]

Hey Jordan,

This is definitely something we've heard before and we agree it would be great if you could get API keys with various permissions so that some can only retrieve data while others can create charges or customers but not refund or delete anything.

While this is something we've considered though, it's not really on our roadmap at the moment as we focus on different features to improve or release right now.

All the best,

Remi

--

You received this message because you are subscribed to the Google Groups "Stripe API Discussion" group.

To unsubscribe from this group and stop receiving emails from it, send an email to api-discuss+unsubscribe@lists.stripe.com.