I recently set up our first Private App and was a little surprised by how accessible our data is to anyone who has the bearer token. We do our best to keep these things secret, but it is just a random string of text and once you have it, you can access everything that the private app has been given access to.
We'd like to see the option to restrict access with Private Apps to a specific IP address/range of addresses. This would allow us to create better security around our members' data and know that it can't be accessed unless it was coming from a known and trusted source.
This is a good suggestion along with the ability to limit the scopes from listing entire entities.