Per-user REST key management UI


Well-known member
With the XF2.1 REST API, there is the possibility of per-user keys. Except as described in the HYS REST API there is no front-end API for a user to manage (revoke or issue, or even list) keys associated with their account.

Nearly every website which offers API access with API keys also offers management of those keys to allow revocation or regeneration.

This is a fairly important aspect to smoothly enable per-user consumption of an API key with the REST API.

Github for example;
Last edited:

The Dark Wizard

Well-known member
OAuth keys for client-side apps (such as a potential mobile app) would be essential imo.
I agree on this wholeheartedly except the mobile app.

We should be embracing PWAs as the future and ever improving the mobile responsible experience and knocking on Apple's door to support standard and mainstream APIs, like the Push API so things like Mobile Apps are not required for basic things like that anymore, things that their laptops, and desktops and windows and linux and major browsers across the world support.

Lukas W.

Formerly katsulynx
It was just meant to describe a use case for such OAuth keys. The need for mobile apps in the next years to come is a different discussion, but for now it's a valid one.


Well-known member
In order to justify my use-case, we will require a way for a user to generate their own key. Would really prefer this isn't an extended feature.