Launched: Personal Access Tokens
LaunchDarkly has introduced personal API access tokens to enhance security and accountability for users of their platform's API. Previously, there was only one token per organization, which could be problematic for larger teams or those with varying use cases. Personal access tokens allow each user to create their own tokens with scoped permissions, making it easier to manage different levels of access. Additionally, built-in and custom roles can be assigned to these tokens, extending the same role-based controls from the web application to API access. LaunchDarkly recommends users migrate to personal access tokens for improved security and advises creating a new token for each use case with minimal permissions necessary. This feature also enables better accountability through audit logs that track actions based on who created the tokens, ensuring visibility into user activities.
Company
LaunchDarkly
Date published
Nov. 30, 2017
Author(s)
Kim Harrison
Word count
426
Language
English
Hacker News points
None found.