Why is the API key not being generated by UPIMaster?

  • Resolved mpek

    (@mpek)


    7 years, 8 months ago

    I’m just evaluating your plugin and appreciate your efforts and it seems promising for my needs and the connection feature seems to open up the possibilities.

    I wonder why it is necessary to ask you for a key (API key), when I’d like to connect my sites?
    It would be much appreciated if my site, let’s say the UniMaster site is able to generate a connection key (the api key).
    Why do yo have to be in the “middle”?

    https://wordpress.org/plugins/upi-crm-universal-crm-solution/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Upi

    (@upi)

    7 years, 8 months ago

    Hello mpek, thanks for contacting us and thanks for a very important question.

    Please also note – we’re not asking for money for this key, we’re just doing our best to keep it secure and usable.

    When we implemented this feature, we had security on our minds.

    What we thought is that when you open up your website to received direct entries into your database, you’ll need a good security mechanism to control the connection.
    If we’ll allow a master site to create a key, than it means we’re actually releasing the algorithm we use in order to generate the API key, meaning every one will be able to generate a key and access your master.

    If you have another suggestion / idea of how can we solve this issue WITHOUT exposing the key generation algorithm – we’ll be more than happy to hear it.

    again, thanks for the inquiry.
    Uri

    Plugin Author Upi

    (@upi)

    7 years, 7 months ago

    Hi ,
    following your request , we have created an inbound / outbound web server, with an “independant” api key per your needs.

    please check new version released now 2.1.6.1 , “Web Services” section on the Menu.

    thanks
    Uri

    Thread Starter mpek

    (@mpek)

    7 years, 2 months ago

    Haven’t tested yet, but is “the man in the middle” avoided by this method now?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Why is the API key not being generated by UPIMaster?’ is closed to new replies.