Restrict API to site

  • 5 August 2022
  • 3 replies
  • 71 views

Userlevel 6
Badge +1

Is it possible to create an API key that has only access to a single site?


This topic has been closed for comments

3 replies

Userlevel 3

Hi @Arjan

I’d get some clarification on what you’d like to do. 

When you ask if it is possible to create an API key, do you mean an API user? If so, what is it you’d like this user to do with the API?

Userlevel 6
Badge +1

Hi shandley,

I am no developer, so I have no good understanding of APIs. I was asked to provide API access to Webroot for a SIEM system at one of our customers sites. I am willing to facilitate that, but I want to be sure that the system only gets data from that site, not from other sites that we host.

 

I created an API key which afaik has know has no relationship with a specific site.

I also created a user with view only access to the site the SIEM should get the data from.

The API should only be used to retrieve data, not make changes.

 

Yes this.