Envato api hack?

tips-and-tricks

#1

Hello, guys!
If somebody have my api can they do any harm?
thank you.


#2

Do you mean you API key? If so, it is definitely possible and the impact will depend on the permissions you have assigned to that key.

My recommendations are to use individual keys for different services (third parties, personal, work, etc) and to only provide the bare minimum required permissions for any third party services to do what you need them to. It’s also a good idea to periodically review any keys and their associated permissions to ensure you don’t leave unintended access to your account.


#3

Thank you for quick respond!
Yes, my api key. How can set permissions and review the existing keys? Thank you!


#4

You can see your authorised applications and tokens at https://build.envato.com/my-apps. Under each token, you’ll see what scopes it has access to.