* Tore Anderson via db-wg <db-wg@ripe.net> [2020-02-21 11:54]:
Hi WG.
In the LIR Portal, at https://lirportal.ripe.net/api/, it is possible to issue API keys for use with several different RIPE NCC services.
However, it is unfortunately not possible to issue API keys for the two APIs that are used for database maintenance; Syncupdates and the RESTful API. The documentation implies that the only authorisation [sic] method for those APIs is MD5-PW.
Hello, I would support a modern approach to authorisation with the WEB API. I don't think it should be bound the LIR portal (as there might be users who are not an LIR). But some sort of API-friendly authentication for maintainers would be appreciated, maybe coupled to SSO user accounts. Just sending the password as an URL parameter is not really a modern approach, also you would need to change the maintainer password every time someone leaves the company. Best Regards Sebastian -- GPG Key: 0x58A2D94A93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE) 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE. -- Terry Pratchett, The Fifth Elephant