Restricted API keys

[TimoAtMUV]

An API token for the Balena cloud is very powerful and anyone who has the API key can have a big impact on devices, e.g. update all environment variables of all devices, it would be great if we could restrict an API key to a subset of fleets.

This would make development cycles much more secure. => Limit an API key to a staging fleet.

[thgreasi]

Hi,
We have already done some work (scoped API keys) to unblock this as a follow-up feature. This for sure sounds useful.
Let me link you to our roadmap item where you can upvote this feature request.
See: https://roadmap.balena.io/posts/20/scoped-api-keys