Hi, I have configured some remote users to access the remote method (ISPConfig Remote API) as DNS Services (get zone info and update A). It seems that we don't have any feature to limit the "scope" of the object to update. For example, I can't limit my remote user to update the content of a specific dns zone, he have access on each zone define in ISPConfig. Is it possible to limit a remote user ? Thanks, Yannick
The API has always the same permisions then an ispconfig admin user. You can only limit the functions that it has but not the objects that it can modify with that function.
Perhaps, for increase security, it could be interesting to implement limitation for the remote api. I can see a feature request to link remote api user to a client, it could be a good idea. Yannick