Hi WG. In the LIR Portal, at https://lirportal.ripe.net/api/, it is possible to issue API keys for use with several different RIPE NCC services.
However, it is unfortunately not possible to issue API keys for the two APIs that are used for database maintenance; Syncupdates and the RESTful API. The documentation implies that the only authorisation [sic] method for those APIs is MD5-PW. I propose that the API keys mechanism is extended to Syncupdates and the RESTful API. The already existing default maintainer concept could be leveraged to accomplish this (similar to how NWI-8 was implemented). That is, using Syncupdates or the RESTful API with API keys will simply authenticate the client as the LIR's default maintainer. Authorisation should remain handled by in-band mnt-* object attributes, as is currently the case. It would be an acceptable limitation that API keys for database maintenance are unavailable for LIRs without a default maintainer. Assuming the WG agrees that this is a good idea, I request an NWI. Tore
