Remote user security permission

Discussion in 'Installation/Configuration' started by kinai, Oct 21, 2014.

  1. kinai

    kinai Member


    I have configured some remote users to access the remote method (ISPConfig Remote API) as DNS Services (get zone info and update A).

    It seems that we don't have any feature to limit the "scope" of the object to update. For example, I can't limit my remote user to update the content of a specific dns zone, he have access on each zone define in ISPConfig.

    Is it possible to limit a remote user ?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The API has always the same permisions then an ispconfig admin user. You can only limit the functions that it has but not the objects that it can modify with that function.
  3. kinai

    kinai Member

    Perhaps, for increase security, it could be interesting to implement limitation for the remote api. I can see a feature request to link remote api user to a client, it could be a good idea.


Share This Page