ACSP Suggestion 2017.22: Disable OT&E API keys (RegRWS) in Production Systems
Author: Alexander Stranzky
Submitted On: 20 November 2017
Disable OT&E API keys (RegRWS) on the production database.
When testing an application, it’s important to have a test system separate from the production system. With OT&E, it’s possible to do that. However, the OT&E API keys are also valid keys for the production database. So, to get a better separation of production and test systems I propose that an OT&E API key is not allowed to work on the production system and vice versa. This makes sure that you cannot incidentally switch to the other system simply by making a mistake in the URL selection.
Value to Community: Separating the scope of the production and test API keys guarantees that production data are not affected even when an error in an API test run occurs that would affect the production data.
Timeframe: Not specified
Status: Open Updated: 10 April 2018
15 December 2017
Thank you for your suggestion, numbered 2017.22 upon confirmed receipt, requesting ARIN disable OT&E API keys (RegRWS) on the production database.
We agree that disabling OT&E API keys on the production system could prevent accidental usage across systems and we will work to implement your suggestion. Our development schedule for the 2018 year is currently filled by previously-submitted community suggestions and other system improvements. We will review that schedule for changes and new additions early next year, and at that time will consider if scheduling for this suggestion may be moved up.
Thank you for participating in the ARIN Consultation and Suggestion Process. Your suggestion will remain open until fully implemented.
10 April 2018
This suggestion is not on the 2018 Work Plan and will be considered as part of the Community Consultation on Open ACSPs in April 2018. This consultation will serve as one of the inputs to help determine which suggestions will be included ARIN’s 2019 Work Plan.