Hey everyone! It's that time again. It's been two weeks since we launched API Autosave as a part of Code.xyz, saving a lot of developers from losing the API building they'd be doing in their browser if they forgot to deploy. Today, we're launching a feature that should help people building Slack applications and more that want to restrict their API usage to a subset of IP addresses and / or authenticated users.

Introducing API Permissions

  • API permissions allow you to delegate access control on a per-API basis within Standard Library
  • These apply to APIs built from the Command Line or Code.xyz
  • The interface is available from both our dashboard and individual API pages on Standard Library
  • You can enable permissions, per user, IP (IPv4 address) or both to the following granularity;
    • API Execution: Can execute the API from the HTTP(S) endpoint or using SDKs
    • Documentation: All of the above, can also read documentation on Standard Library for the API
    • Deployment: All of the above, can also retrieve code and deploy new versions of the API using our CLI or Code.xyz
  • The default for permissions based on user type are as follows:
    • All users, all API development environments: API Execution
    • All users, all releases (unpublished): API Execution
    • All users, all releases (published): Documentation
    • All members of an organization, all APIs: Deployment
    • Owner, all APIs: Deployment
  • Basically — if you're part of an organization or own an API, you have Full Access (Deployment), otherwise you can only see published releases
  • All APIs on the platform are accessible via HTTP(S), ACLs used to be configurable as a deployment feature, we've now turned this into a platform feature

Enabling Permissions from Standard Library

Manage Permissions Button

  • Click to add permissions...

Manage Permissions

  • In the top section you'll have the ability to Select a user, Select an IP range, what Permission Level you're enabling, and Environments the permission applies to (releases or development environments)
  • By creating a permission entry, you whitelist the specific user x ip x permission x environment combination

Enabling Permissions from the Dashboard

  • Visit your dashboard API services page
  • Select your API that you'd like to modify the permissions of
  • Follow the steps above with the dashboard interface

Dashboard Permissions

Community Updates

Reflection: ServerlessDays London

In other news, we had the wonderful opportunity to speak and show off Code.xyz as ServerlessDays London just over a week ago. Thank you to everyone who showed up, it was a wonderful event!

Upcoming: ServerlessConf San Francisco

We also think it's a great time to mention we're sponsoring ServerlessConf San Francisco! Come join us on July 29th at the Hackathon where we'll be giving away prizes or throughout the conference from July 31st, 2018 until end of the day on August 1st, 2018. We'll be giving away free t-shirts and swag as well. Looking forward to seeing you!

Thank You!

Thanks for keeping up to date with Standard Library and Code.xyz development! If you'd like to keep up with the latest news, follow us on Twitter, @StdLibHQ and if you're looking for help don't hesitate to join our developer Slack Workspace for help (click here for an invitation).

Thank you for reading and being a part of our journey,

Keith Horwood
Founder and CEO, StdLib