Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Currently a session id can be used on a per remote call basis. It would be benefical if this approach could be extended for api keys. This would allow for open and closed calls. I have attached a patch to provide this functionality.
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | services.module.drupal6.2.patch | 1.23 KB | marcingy |
| #2 | services.module.drupal6.patch | 1.23 KB | marcingy |
| services.module.patch | 1.21 KB | marcingy |
Comments
Comment #1
marcingy commentedComment #2
marcingy commentedPatch re-rolled for drupal 6
Comment #3
marcingy commentedre-rolled against final drupal 6 services patch
Comment #4
marcingy commentedComment #5
nedjo+1
Yes, keys may be needed for some services but not for others. Example: site offers two services, remote node editing (exposed in a tightly controlled way) and a weather forecast service (available to anyone).
Comments:
1. At a minimum, we need a way to convey to site admins that some services require keys and others don't.
2. We could consider making this an admin setting rather than a new metadata attribute.
3. Assuming we don't move to a setting, the patch should add this #key setting to existing services.
Comment #6
marcingy commentedI'll re roll a version 5 and 6 patch which applies the key attribute to existing functions. Might take me a couple of days but it is on it way.
Comment #7
magico commentedI think that we don't need to define if a function needs a key or not in the code.
In fact, any function should use keys (or not) based only on the site services settings.
Let's think for a moment: if we have a way to specify (in the site administration) which services require keys, why would we specify that in code? And a service that needs a key today, perhaps does not need it tomorrow.
Comment #8
marcingy commented