Skip to content

Allow API keys valid for less than 15min total to skip MFA #4691

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
segiddins merged 1 commit into from
May 8, 2024
Merged

Allow API keys valid for less than 15min total to skip MFA #4691

segiddins merged 1 commit into from
May 8, 2024

Conversation

@segiddins
Copy link
Contributor

@segiddins segiddins commented May 8, 2024

Now that we allow creating API keys with a custom expiration time (that is immutable to users), we want to allow API keys made to be intentionally super short-lived to skip MFA

This is useful for allowing a user to mint a single API token for 10 minutes and use it for multiple requests in that timeframe without needing to supply MFA on each request

@segiddins segiddins requested review from indirect and martinemde May 8, 2024 04:54
martinemde
martinemde reviewed May 8, 2024
View reviewed changes
@segiddins
Allow API keys valid for less than 15min total to skip MFA
f7a0559 
Now that we allow creating API keys with a custom expiration time (that is immutable to users), we want to allow API keys made to be intentionally super short-lived to skip MFA

This is useful for allowing a user to mint a single API token for 10 minutes and use it for multiple requests in that timeframe without needing to supply MFA on each request
@segiddins segiddins force-pushed the segiddins/allow-api-keys-valid-for-less-than-15min-total-to-skip-mfa branch from 7e5c9c4 to f7a0559 Compare May 8, 2024 06:52
@codecov
Copy link

codecov bot commented May 8, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.11%. Comparing base (a2d46d5) to head (f7a0559).
Report is 2 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4691      +/-   ##
==========================================
+ Coverage   97.10%   97.11%   +0.01%     
==========================================
  Files         392      393       +1     
  Lines        8279     8326      +47     
==========================================
+ Hits         8039     8086      +47     
  Misses        240      240

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@segiddins segiddins merged commit 4fc57f6 into master May 8, 2024
@segiddins segiddins deleted the segiddins/allow-api-keys-valid-for-less-than-15min-total-to-skip-mfa branch May 8, 2024 15:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@indirect indirect Awaiting requested review from indirect

1 more reviewer

@martinemde martinemde martinemde approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@segiddins @martinemde