Let accounts have more than 1 API key
Right now, an account only has 1 API key. So that key can be available to devs putting content via scripts. However, we want a separate key for our Cloud File Backups so only our network people can have access to that particular segment.
Thanks for your feedback!
The Identity API today supports multiple users for an account (each with their own password credentials that can be used to get a token for the APIs). See http://docs.rackspace.com/auth/api/v2.0/auth-client-devguide/content/QuickStart-000.html.
We are planning to enable sub-user access and management in the control panel and providing role-based access control.
Please feel free to contact me with any questions!
Identity Product Manager
Aaron Ward commented
This feature is crucial for my business. I would like to duplicate the functionality of my FTP - Allow user to upload and download files from a designated directory.
Jarl Friis commented
take also a look on this feedback:
idempotent deployments is a wide usecase, and a very compelling argument.
Charlie Robbins commented
This is incredibly important imho for two things:
1. Currently it is not possible to share server images between accounts without downloading and then uploading the files stored on Cloudfiles through an intermediary. Given that each image can run up to ~700Mb, this is a prohibitively expensive / frustrating amount of time.
2. It is not possible to have truly idempotent deployments without multiple API keys. That is, if I want to bring up a new environment for staging (which will become production when verified), I must do so in a new Rackspace Cloud account to avoid unexpected side effects (bugs in API clients, configuration management tools, etc).
I also love to be able to set a username/api_key per container as opposed to one per account.
I really want to use cloudfiles as cdn but am currently uncomfortable with having the api key stored on my server to sync the files automatically. If the host gets compromised your snapshots / backups everything is at the mercy of that key. This is a serious security/usability issue.
This is more important with the Android / iPhone apps. If anyone in your organization is using a smartphone and leaves the company, securing your machine and account password isn't enough. You have to actually change your API key too. We use this for backup scripts, connecting several of our network users via the my.rackspace portal, and other locations. Talk about a major headache....
Martin Miksch commented
This would be great! This would be a great help in my business.
Brian Gallagher commented
it would also be safer having multiple API keys. If my iPhone w/Cloud App on it is lost, I would want to delete that API key (since the iPhone app requires no password to access), but I wouldn't want to revoke the key that the myRackspace account or CloudKick uses.
J. Lasut commented
Would be interesting for us to manage multiple Cloud Files accounts with one control panel account. We manage many applications and it would make our lives much easer.
Additionally, if the accounting can be linked to the use of the keys (e.g. servers created and hours used per key) then Rackspace Cloud customers such as myself can acutally appoint resellers who can work under us. So in addition to better security practices, as desired by acgann above, letting customers create additional keys can also boost business for all.