Langfuse
Time-bound Access keys
#11581
Replies: 1 comment
-
|
Thanks a lot for the discussion. We will consider this as we revamp the our API key implementation. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Describe the feature or potential improvement
Add first-class support for expiring SDK/API keys to reduce long-lived credential risk and enforce rotation.
Purpose:
Prevent orphaned, permanent credentials
Support access governance, leaks, offboarding
Feature
Keys must have an expiresAt (or enforce max TTL via org policy)
Fail authentication after expiry
Admin controls:
list keys with expiry, last-used, created-by, scope
change key expiry
UI/API
UI: key creation requires selecting TTL (or inherits org default)
API: create key with TTL/expiresAt; revoke; list/filter by expiring soon
Willingness to Contribute:
Yes
Additional information
No response
Beta Was this translation helpful? Give feedback.
All reactions