7 results found
Could you please change to a standard email/password form on one page and, allow for longer sessions?1 vote
error "The CSFR token has expired"1 vote
I can't contact you or sign up for your service because your forms reject both my AOL and Gmail business email address - saying they aren't valid business addresses. My AOL business email address has been active for 20 years! I live in the US. What is a qualified email address to you?1 vote
If a business person makes an account and wants to give access to a tech person, it's needlessly frictionful and probably bad for security that the free trial prevents user invites and encourages sharing login credentials.1 vote
Implement a way to search for users within the Account Security page, to make removing access or verifying access easier.1 vote
If a plan was on Scale and used SAML SSO, then downgraded to a lower plan while SAML was enabled, attempting to log into Mailgun via SAML returns a 500 error. This can be confusing to customers who are not aware that SAML SSO is exclusive to Scale plan1 vote
It should be possible to restrict the call types that your API key is able to make in order to reduce the impact of a leaked/breached key.
For example, if my API key is accidentally exposed, an attacker could then go on to exfiltrate data from my account.
If it were possible to lock down your API key so that it can only make certain call types, the impact of such a breach would be drastically reduced.
For example, I could lock down my key so that it is only permitted to add/send emails to a particular mailing…7 votes
- Don't see your idea?