[BMO] All accounts now "Require API key authentication for API requests"

[Dylan Hardison]

As a security precaution, we have turned on the setting "Require API key authentication for API requests" for everyone. If this has broken something, please contact us.

Any service or program that uses cookies for authentication to XMLRPC/JSONRPC will no longer work and require updating to use API keys.

This was an existing requirement for users enrolled in 2FA which now applies to everyone.

-
Dylan Hardison

[Emilio Cobos Álvarez]

On Wed, Jan 18, 2017 at 04:03:37PM -0500, Dylan Hardison wrote:
> As a security precaution, we have turned on the setting "Require API
> key authentication for API requests" for everyone. If this has broken
> something, please contact us.

Seems like this has broken the pushbot bugzilla integration?

>
> Any service or program that uses cookies for authentication to
> XMLRPC/JSONRPC will no longer work and require updating to use API
> keys.
>
> This was an existing requirement for users enrolled in 2FA which now
> applies to everyone.
>
> -
> Dylan Hardison
>
>

> _______________________________________________
> dev-platform mailing list
> dev-pl...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-platform

[Dylan Hardison]

> On Jan 18, 2017, at 16:03, Dylan Hardison <dy...@mozilla.com> wrote:
>
> As a security precaution, we have turned on the setting "Require API key authentication for API requests" for everyone. If this has broken something, please contact us.
>

> Any service or program that uses cookies for authentication to XMLRPC/JSONRPC will no longer work and require updating to use API keys.
>
> This was an existing requirement for users enrolled in 2FA which now applies to everyone.
>

Meanwhile, several bots were broken because of this -- all of them have been granted an exception as they've been discovered.
If you see something still not working, let us know!