OVH Community

JefM · 2020-05-27 09:16:47 UTC

Hello,

I was auditing my API application tokens and found two tokens with the following permissions:

{
  "expiration": "2020-06-03T10:57:27+02:00",
  "creation": "2020-05-27T10:57:27+02:00",
  "applicationId": 115,
  "ovhSupport": false,
  "status": "validated",
  "allowedIPs": null,
  "rules": [
    {
      "method": "GET",
      "path": "/*"
    },
    {
      "method": "POST",
      "path": "/*"
    },
    {
      "path": "/*",
      "method": "PUT"
    },
    {
      "method": "DELETE",
      "path": "/*"
    }
  ],
  "lastUse": null,
  "credentialId": *****
}
{
  "rules": [
    {
      "path": "/*",
      "method": "GET"
    },
    {
      "method": "POST",
      "path": "/*"
    },
    {
      "path": "/*",
      "method": "PUT"
    },
    {
      "method": "DELETE",
      "path": "/*"
    }
  ],
  "status": "validated",
  "ovhSupport": false,
  "expiration": "2020-06-03T10:57:29+02:00",
  "applicationId": 115,
  "allowedIPs": null,
  "credentialId": *****,
  "lastUse": null,
  "creation": "2020-05-27T10:57:29+02:00"
}

Is this normal ?

Thanks,
Best Regards.

API: Token with application ID 115 and full permission appearing