Hey everyone! It's that time again. It's been two weeks since we launched API Autosave as a part of Code.xyz, saving a lot of developers from losing the API building they'd be doing in their browser if they forgot to deploy. Today, we're launching a feature that should help people building Slack applications and more that want to restrict their API usage to a subset of IP addresses and / or authenticated users.

Introducing API Permissions

API permissions allow you to delegate access control on a per-API basis within Standard Library

These apply to APIs built from the Command Line or Code.xyz

The interface is available from both our dashboard and individual API pages on Standard Library

You can enable permissions, per user, IP (IPv4 address) or both to the following granularity; API Execution : Can execute the API from the HTTP(S) endpoint or using SDKs Documentation : All of the above, can also read documentation on Standard Library for the API Deployment : All of the above, can also retrieve code and deploy new versions of the API using our CLI or Code.xyz

The default for permissions based on user type are as follows: All users, all API development environments : API Execution All users, all releases (unpublished) : API Execution All users, all releases (published) : Documentation All members of an organization, all APIs : Deployment Owner, all APIs : Deployment

for permissions based on user type are as follows: Basically — if you're part of an organization or own an API, you have Full Access (Deployment), otherwise you can only see published releases

All APIs on the platform are accessible via HTTP(S), ACLs used to be configurable as a deployment feature, we've now turned this into a platform feature

Enabling Permissions from Standard Library

Visit your Standard Library API Page (for example, https://standardlibrary.com/@keith/lib/tweetstorm/)

If you're an owner of the API, you'll see a Manage Permissions button beside the favorite button

Click to add permissions...

In the top section you'll have the ability to Select a user , Select an IP range , what Permission Level you're enabling, and Environments the permission applies to (releases or development environments)

, , what you're enabling, and the permission applies to (releases or development environments) By creating a permission entry, you whitelist the specific user x ip x permission x environment combination

Enabling Permissions from the Dashboard

Visit your dashboard API services page

Select your API that you'd like to modify the permissions of

Follow the steps above with the dashboard interface

Reflection: ServerlessDays London

In other news, we had the wonderful opportunity to speak and show off Code.xyz as ServerlessDays London just over a week ago. Thank you to everyone who showed up, it was a wonderful event!

Cool thing from @standardlibraryHQ online text editor is when creating an API, it auto generates the documentation. #serverlessldn @ServerlessLDN — Julian Wood (@julian_wood) July 6, 2018

Upcoming: ServerlessConf San Francisco

We also think it's a great time to mention we're sponsoring ServerlessConf San Francisco! Come join us on July 29th at the Hackathon where we'll be giving away prizes or throughout the conference from July 31st, 2018 until end of the day on August 1st, 2018. We'll be giving away free t-shirts and swag as well. Looking forward to seeing you!

Thank You!

Thanks for keeping up to date with Standard Library and Code.xyz development! If you'd like to keep up with the latest news, follow us on Twitter, @standardlibraryHQ and if you're looking for help don't hesitate to join our developer Slack Workspace for help (click here for an invitation).

Thank you for reading and being a part of our journey,