• Sign Up Login
  • Features
    • Game Services
    • Real-time Analytics
    • LiveOps
    • Add-ons
  • Game Services
  • Real-time Analytics
  • LiveOps
  • Add-ons
  • Games
  • Pricing
  • Blog
  • Support
    • Docs
    • Forums
    • Contact
  • Docs
  • Forums
  • Contact
  • Sign Up Login
  • Ask a question
  • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Topics
    • Questions
    • Ideas
    • Articles
    • Users
    • Badges
  • Home /
  • Feature Requests /
avatar image

cool-daniel suggested an idea · Jan 27, 2018 at 02:41 AM · apisAccount Management

Secret key permission management

It would be usefull if you could set permissions for each secret key to limit its usage on specific categories like Player Data Management or Account management within the admin or server api while denying access to other categories of the api. This would enable admins to give out secret keys without exposing all functionality (like for example only letting a secret key call the GetPlayerProfile while not working for BanUsers)

thub.nodes.view.add-new-comment
cool-daniel
Brent Batas
larissa
david-marcelis

People who like this

4 Show 2
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Brent Batas · Jan 27, 2018 at 05:16 PM 0
Share

Agreed, this is a good idea.

avatar image larissa · Feb 12, 2018 at 06:46 PM 1
Share

Agreed! :)

One addition to this: It would also be useful, to be able to limit it to executing certain cloudscript handlers

1 comment

· Add your reply
avatar image

david-marcelis commented · Feb 19, 2018 at 02:40 PM

Want to upvote this issue. The idea of having the Server Key have access to the Admin API is scary. This means if a server or matchmaker was compromised, it gives permissions to change builds or worse.

Just a separation between Server Key, Matchmaker Key, and Admin Key would already greatly reduce the potential impact.

thub.nodes.view.add-new-comment

People who like this

0 Show 0
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Navigation

Spaces
  • General Discussion
  • API and SDK Questions
  • Feature Requests
  • PlayStream
  • Bugs
  • Add-on Marketplace
  • LiveOps

    • Your Opinion Counts

    We would love to know what you need. Submit your ideas and upvote others to help us prioritize.

    Sign in to post a new idea

    Follow

    Follow This Idea

    3 People are following this .

    avatar image avatar image avatar image

    Related Ideas

    Multiple JSON formatting options (get/set) from API

    Numeric Object Ids

    Allow setting contact email in server api and/or admin api, or allow custom password recovery email from master email.

    Include username in password reset email

    I'd love to see more recipes.

    Is Friend Online ? Provide API to get last player activity timestamp.

    User Based Login For Nintendo

    Add ability to reset virtual currency timer

    RedeemCoupon - Request to return currency

    Game Key Management - A RedeemCoupon extension + mgmt console

    • PlayFab

      • Features
      • Games
      • Pricing
      • Blog

    • Engineers

      • Documentation
      • Quickstarts
      • API Reference
      • SDKs
      • Usage Limits

    • Support

      • Forums
      • Videos
      • Contact
      • Service Health
      • Terms of Service

    • Social

      • Facebook
      • Twitter
      • LinkedIn
      • YouTube
    • Privacy & cookies
    • Terms of use
    • Trademarks
    • About Microsoft
    • Jobs
    • Accessibility
    • Diversity & inclusion
    • Security
    • Company news
    • © Microsoft 2019
    • Anonymous
    • Sign in
    • Create
    • Ask a question
    • Post an idea
    • Create an article
    • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Explore
    • Topics
    • Questions
    • Ideas
    • Articles
    • Users
    • Badges