Developer forum

Forum » Dynamicweb 10 » Dynamicweb CLI and permissions

Dynamicweb CLI and permissions

E-mail notifications
Kevin Steffer
Kevin Steffer
Reply
Posted on 28/08/2025 10:05:36

It looks like any ApiKey for the CLI can perform any action - there's absolutely no permission control - is that correct?

I genuinely thought that an ApiKey was tied to the user owning the key and that the user's permissions were controlled under any of the commands availble!

It's a bit concerning security wise if any ApiKey gives access to do anything when the idea with the CLI is to use it for ERP file uploads/downloads and ApiKeys are given to other parties.

Typically our FTP accounts for that type of usage only had access to the folders they should be allowed to upload to or download from. 


Replies

 
Anders Ebdrup
Posted on 23/09/2025 18:21:57
Reply

I am also very curious about this matter.

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 23/09/2025 20:56:55
Reply

Hi

This is on our radar alonig a couple of other improvements for files. It is tracked as an Epic with id #25308

https://doc.dynamicweb.dev/documentation/fundamentals/dw10release/releasenotes/workiteminfo.html?workitemid=25308

It has not been planned yet, but is in the backlog - more to follow.

BR Nicolai

 
Kevin Steffer
Kevin Steffer
Posted on 24/09/2025 08:15:00
Reply

Awesome Nicolai!

 

You must be logged in to post in the forum