Early heads up: switching away from user API keys #483
Comments
|
Hey @FredZhao-at this plugin seems to be dead but I use it daily and I have migrains from it as both AirTable and Gatsby are quickly evolving. Would you guys take into account take over the development of it? I can help of course! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi! I’m Fred, an engineer on the Airtable API team. I’m writing here to share some plans we have to move away from user API keys, with a goal of communicating it early so you have time to triage and prioritize work needed.
First, some context. We recently published a new developer doc site, and announced two new authentication methods, as well as new endpoints and capabilities those methods support: https://airtable.com/developers/web/api/changelog#anchor-2022-11-15
Since these new authentication methods (personal access tokens and OAuth integration access tokens) are much more secure than the current user API key authentication method, we are limiting the new endpoints and capabilities to only be available to the new methods.
The medium term plan is to deprecate user API keys. We are still working on the exact details, but the deprecation period will last 1 year, and we expect it to begin at the start of next year (Jan 2023).
Based on this we recommend preparing to support the new API token format:
/^key[a-zA-Z0-9]{14}$/), start supporting the new personal access token key format as well (/^pat[a-zA-Z0-9]{14}\.[0-9a-f]{64}$/)The text was updated successfully, but these errors were encountered: