@Emyrk Emyrk commented Nov 12, 2025

Description

Adds a brief section to the API & Session Tokens documentation explaining API key scopes.

Changes

  • Added "API Key Scopes" section to docs/admin/users/sessions-tokens.md
  • Includes overview of scope functionality and security benefits
  • Documents scope format (resource:action) and wildcard usage
  • Provides CLI examples for creating scoped tokens
  • Lists common scope examples with descriptions

Motivation

Users need documentation on how to create and use scoped API tokens for improved security by limiting token permissions to only necessary operations.

Testing

  • Reviewed documentation formatting
  • Verified markdown structure
  • Confirmed examples are accurate

Add a section to the sessions-tokens documentation explaining API key
scopes, including:
- Overview of scope functionality and security benefits
- Scope format (resource:action) and wildcard usage
- CLI examples for creating scoped tokens
- Common scope examples with descriptions

Add documentation for allow lists as an advanced feature that can be
combined with scopes to restrict tokens to specific resource UUIDs.

Make it explicit that allow lists are exclusive - tokens can ONLY act on
resources in the allow list. Add example showing how to maintain access
to other resources by being exhaustive with allow list entries.

Emphasize the exhaustive nature of allow lists by showing that
additional entries would be needed.

Replace organization:* with user:read which is a valid scope.

@Emyrk Emyrk marked this pull request as ready for review November 12, 2025 22:46
@Emyrk Emyrk requested a review from stirby November 14, 2025 14:30
@Emyrk Emyrk merged commit a272843 into main Nov 17, 2025
27 checks passed
@Emyrk Emyrk deleted the docs/add-api-key-scopes-documentation branch November 17, 2025 17:34
@github-actions github-actions bot locked and limited conversation to collaborators Nov 17, 2025