launchpad-dev team mailing list archive

Thread
Date

Re: https://dev.launchpad.net/API "Authenticated Access Only" needs rationale

To: Max Bowsher <maxb@xxxxxxx>
From: Karl Fogel <karl.fogel@xxxxxxxxxxxxx>
Date: Sun, 20 Sep 2009 16:09:38 -0400
Cc: launchpad-dev@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4AB6615F.60300@f2s.com> (Max Bowsher's message of "Sun, 20 Sep 2009 18:07:43 +0100")
Reply-to: Karl Fogel <karl.fogel@xxxxxxxxxxxxx>
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux)

Max Bowsher <maxb@xxxxxxx> writes:
> Quoting https://dev.launchpad.net/API:
>
> """
> Authenticated Access Only
>
> By design, there is no anonymous access through the API. You can do
> read-only access (through a read-only token) but not anonymous access.
> All API use is accounted to a person.
> """
>
> Why?
>
> Please feel free to respond in the form of a wiki edit :-)

I'll answer here, and see if anyone follows up with more (or more
correct) information, before we put this in the wiki.

My understanding is that it's a way to have some safeguard against
[possibly accidental] DoS.  If all accesses are authenticated, then if
someone does something that causes a problem, we can shut off just that
person's API access.  (Presumably, we'd then try to contact them and
figure out a better solution.)

Anyone know a different reason?

-Karl

Follow ups

Re: https://dev.launchpad.net/API "Authenticated Access Only" needs rationale
From: Martin Pool, 2009-09-21
Re: https://dev.launchpad.net/API "Authenticated Access Only" needs rationale
From: Max Bowsher, 2009-09-20

References

https://dev.launchpad.net/API "Authenticated Access Only" needs rationale
From: Max Bowsher, 2009-09-20