Hi Teun,

On 31 Jan 2025, at 11:25, Teun Vink <teun@bit.nl> wrote:

Hi Edward,

On 30 Jan 2025, at 11:24, Edward Shryane wrote:

Dear colleagues,

We have now enabled API keys for authenticating updates in the RIPE database.

We have written a RIPE Labs article including a video on how to use this feature:
https://labs.ripe.net/author/ed_shryane/using-api-keys-in-the-ripe-database/

Please let me know if you have any comments.


Thanks for making this possible and for publishing the article, we already had one use case where the new API keys were useful.

Good to know! Thanks for your feedback.

One thing I’m wondering is if there are any plans to implement a more granular way of controlling access for these tokens, for example by limiting the types of operations or the type of objects that can be accessed?


Absolutely. For now we have only implemented an optional mntner scope when creating an API key as an example, but we want to add more. In the next Whois release we will also add an environment scope to keep production / test / RC / training separate.

We'd like to hear from the community. I'll take your examples as suggestions for improvement (if you would find them useful), and I welcome any other suggestions from the community to make API keys better.

Regards
Ed Shryane
RIPE NCC