I can’t wait until ANet releases the game promoted in the manifesto.
Until that, I’ll play GW2.
Until that, I’ll play GW2.
I have a question about the permissions for API keys. Why is the “account” permission mandatory?
It seems to me that the most popular applications for the API keys is to calculate the gold value of the bank/material storage/inventory. To work properly, these applications need the “inventories” and “wallet” permissions, but wouldn’t strictly need the “account” data.
I see the theoretical possibility that such a “net account value” application could use the API data to select profitable targets for hacking attempts. If the account permission wasn’t necessary, the applications could still work properly to calculate the account value, but don’t know which account is worth so much.
Is there a technical reason why the “account” permission is mandatory? Or am I the only one who is paranoid enough to think of this scenario?
Web Programmer
The API “frontend” doesn’t have permission to do anything; the permissions are enforced by other backend servers. To talk to the backend servers about an account, we need to get the account ID which requires the “account” permission.
Not affiliated with ArenaNet or NCSOFT. No support is provided.
All assets, page layout, visual style belong to ArenaNet and are used solely to replicate the original design and preserve the original look and feel.
Contact /u/e-scrape-artist on reddit if you encounter a bug.