Hi Ed,
(1) There is a strong preference for shared credentials at the LIR account level, independent of individual users. If a user leaves the company, the shared credential should not automatically expire. The organisation must be able to maintain the API keys including listing and invalidating them.
Hi Ed, To be clear, I do not see this as an either/or - having the option for creating API keys both at the LIR level *and* at the user level would be ideal, in my opinion. You could of course take the LIR level idea even further, by adding functionality such as (from the top of my head): * Making the creation of LIR-level API keys an optional privilege that only certain users would be permitted to perform * Keeping track of which user created the LIR-level API keys, and giving the option of deleting (some of) them when the user that created them is being deleted * Having the LIR-level API key concept apply not only to the RIPE database updates, but for all RIPE NCC services for which API keys can be used Tore