Hi everyone
I have a sandbox and production environment which belongs to Prod-Org. I have created a ProductA in both Sadbox and production environment. Also i have created a App with an API key for an external developer and given access to ProductA.
Using the APIkey generated, the developer should access product A in sandbox. But he should not be allowed to access productA in production environment. my understanding is external developer with APP and apikey could access both sandbox proxyendpoint and production endpoint. How to prevent this. Please provide me the possible options to prevent access to production environment unless and until product owner approves it for the particular product
Thanks
Roshith
Hi @Roshith valappil, Sandbox and production environments will be having their own URLs to access. So basically if you want the external developer to access Sandbox environment, you can only expose the sandbox proxy endpoint to the developer.
IMO it is not a good practice for the API Developer to create Apps & Generating Keys for external developers.
You can make use of developer portal where,
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |