Fred Martin
-
Posts
7 -
Joined
-
Last visited
Content Type
Downloads
Release Notes
IPS4 Guides
IPS4 Developer Documentation
Invision Community Blog
Development Blog
Deprecation Tracker
Providers Directory
Forums
Events
Store
Gallery
Posts posted by Fred Martin
-
-
All right. Wouldn't IPS clients benefit from a functionality where endpoints can be restricted via user group permissions? We're looking to use https://www.mediawiki.org/wiki/Extension:External_Data to get data from our IP forum, but obviously if we do it via REST API as it is currently, our wiki editors could query sensitive data.
-
Hello,
Is it possible to limit the results for GET requests on e.g. /core/members/{id} endpoint? We don't want details such as the email and IP addresses to be included in the json response.
-
Any reason why this isn't being added into the marketplace?
-
REST API Limit Results
in Feedback
Posted
Hello,
I'm making this suggestion based on my earlier support request: https://invisioncommunity.com/forums/topic/465966-rest-api-limit-results
Could there be a built-in feature for the REST API, where you can attach a user group to an API key to limit which information it can POST or GET from an endpoint? For example, as it is now doing GET requests on /core/members/{id} endpoint will return all of the information of a user (including sensitive). I'd like to limit these requests to the most basic user group, so that only public information can be queried. This allows us to do some integration between our forum and wiki, using an extension to query forum data.
Or it might be easier to implement a system where we have an option to create an API key that can only access GET endpoints to publicly accessible information (i.e. what guests can see). That would be sufficient as well.
We hope this suggestion is taken into consideration.