An API key must be used by a single deviceAnswered

We made a change nearly a year ago that limits API keys to a single IP address.

The error code is described in detail here: https://wyday.com/limelm/help/api/limelm.pkey.generate/#error-codes

Thank you,I went to my settings page but don't see where i can reset the last used IP address. It just seems to be a display of the information.thanks,Ian

On the settings page for the user account to which the API key belongs youll see the last used IP address for the API key and youll see a link to reset the last used API key. Click the link.

I don't see a link - am i on the wrong page?

https://drive.google.com/open?id=17PImXwhQKUz9Fx7HRGqVBF_HxF0OEHgb

The reset link isnt visible after 24 hours... because a reset isnt necessary after 24 hours. Just use the api key again.

Ah OK - i see the problem.I am calling the API from Zapier, which uses Amazon and potentially a large range of IP addresses from my one user.The Zap i am using cannot guarantee a static IP.Is there a practical solution to this dilemma?

Hi Ian,

I don't think your going to like Wyday's response

Unfortunately Wyday have this overly protective API policy making what your trying to do (which is very very very common) impossible with Wyday API.

If Wyday could please listen to developers issues and come up with another API protection strategy (a non IP address base throttling method) that would be awesome!

RegardsSteve

Thanks Steve,

That's disappointing - yes, even upgrading to a multi-user plan won't help.As you say this must be a common problem for cloud apps.

Looks like i'm in for a re-write and change of licensing platform...regards,Ian

Hey Ian,

Zapier supports static IP addresses: https://zapier.com/help/sql-server/#is-your-database-ip-restricted

Contact them and ask them how to set it up.

Regarding this change in general, this is a security measure that is necessary to ensure your data safety and your customers data safety. I don't doubt you'll be able to find competitors to us that throw caution to the wind and have no such security protections. Hell, we have competitors who lie about making software uncrackable. So, putting your data at risk is not a big deal to these companies. (in for a penny, in for a pound).

In the near future we'll be offering the following:

#1. Setting a small number of static IP addresses (3 or 4) that an API key can be accessed from.

#2. A new customer portal software that you can manage common task from (thereby eliminating a whole class of problems that are currently solved by using API keys).

#2 is coming first. No hard date. ASAP.

At any rate, this problem already has a solution. Contact Zapier about enabling static ips.

Hi Wyatt,

Good news you're looking at relaxing your stance on static IPs but we have 5 front end servers so 3-4 IP address aren't going to work for us

CheersSteve

Hi Wyatt,

I've checkout our your suggestion for Ian but that solution seems to only apply to direct SQL connections.

CheersSteve

Contact Zapier, if they have the ability to use static IPs for some things they have the ability to do it with others.

Hi Wyatt,

I contacted Zapier and this is their response.

"We only have a static IP for our MySQL, PostgreSQL and SQL Server integrations. Everything else is from a general pool of servers from AWS's us-east-1 region. We don't have another way to lock in a specific IP -- I'm sorry for the news! Let us know if you have any questions."

CheersSteve

Hi Wyatt,

We are in a similar boat to Ian in that we use Zapier extensively.

Our plan was to use Wyday for licensing but as you can't integrate with them we will have to look elsewhere.

Having the "allowed" IP address being limited to 1 per 24 hours is ridiculous when so many cloud type services don't allow for static IP addresses.

Is this something you are looking to address? (Quite frankly 3 extra allowed IP's is not good enough)

Regards

Chris K

The world is changing. Apps like Shopify, Zapier, Amazon, Integrations is the way to go. Connecting LimeLM to these apps are essential in 2020. I learned this the hard way. Sometimes it’s time to recognize and update accordingly.....I’m finding after 10 years, my shopping cart is old and has ancient PHP. Moving to Shopify opened my eyes onto how much money I’m actually missing out by being old-school

@ianh

Trying to figure out a way to send a private message. Have you figured this out. I’m moving to Shopify and don’t see a dedicated Zapier for Limelm. Was this something you created yourself?