Skip to content

Implement scoped API keys with least-privilege enforcement#548

Merged
Baskarayelu merged 2 commits into
CredenceOrg:mainfrom
olaleyeolajide81-sketch:feature/scoped-api-keys
Jun 25, 2026
Merged

Implement scoped API keys with least-privilege enforcement#548
Baskarayelu merged 2 commits into
CredenceOrg:mainfrom
olaleyeolajide81-sketch:feature/scoped-api-keys

Conversation

@olaleyeolajide81-sketch

@olaleyeolajide81-sketch olaleyeolajide81-sketch commented Jun 24, 2026

Copy link
Copy Markdown
Contributor
  • Define fine-grained scope vocabulary (bond:read, bond:write, attestation:write, trust:read, payouts:write)
  • Create database migration for api_keys table with scopes array
  • Implement ApiKeysRepository for database operations
  • Update API key service to use database repository and support multiple scopes
  • Add requireScope middleware for scope enforcement
  • Create API key management routes (POST, GET, DELETE, rotate)
  • Apply requireScope middleware to bond, trust, and attestations routes
  • Add audit logging for all API key operations
  • Write comprehensive unit and integration tests
  • Update documentation with scope vocabulary and usage examples

closes #460

@iyanumajekodunmi756
Implement scoped API keys with least-privilege enforcement
ff72c75 
- Define fine-grained scope vocabulary (bond:read, bond:write, attestation:write, trust:read, payouts:write)
- Create database migration for api_keys table with scopes array
- Implement ApiKeysRepository for database operations
- Update API key service to use database repository and support multiple scopes
- Add requireScope middleware for scope enforcement
- Create API key management routes (POST, GET, DELETE, rotate)
- Apply requireScope middleware to bond, trust, and attestations routes
- Add audit logging for all API key operations
- Write comprehensive unit and integration tests
- Update documentation with scope vocabulary and usage examples
@drips-wave

drips-wave Bot commented Jun 24, 2026

Copy link
Copy Markdown

@olaleyeolajide81-sketch Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@Baskarayelu Baskarayelu merged commit 8204ad7 into CredenceOrg:main Jun 25, 2026
1 of 2 checks passed
@grantfox-oss grantfox-oss Bot mentioned this pull request Jun 25, 2026
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add scoped API keys with least-privilege enforcement to src/routes/apiKeys.ts

3 participants

@olaleyeolajide81-sketch @Baskarayelu @iyanumajekodunmi756