Have api keys specific to domains.
This would enable finer grained control for development teams that have multiple environments.
For example, credentials to send from development / sending domains would be different than the ones needed to send from the production domain.
Our current plan here is to allow for SMTP credentials to authenticate with our /messages API endpoint, meaning they would they would be allowed to send messages via SMTP or API.
Let me know if you have thoughts on this proposed solution.
Orion N McClelland commented
I also need this as I am providing service to a client, and I don't feel comfortable that the client has free access to my API key in the mailgun wordpress plugin. That's not a very secure approach.
An essential feature that needs to be implemented
I agree, this would be a nice feature.
Francis Pelland commented
Looks like this has been "planned" for a while, what is the update on this?
Any Update on this DEV team? Seems like a very critical security feature
Olivier Le Floch commented
Andy Brody commented
Is this still on the roadmap? It's really irritating to have to use SMTP credentials for this.
Tobias J. commented
Are there any news about that "planned" feature? If there are api keys per domain the api needs the possibility to get the generated keys using the "master api key".