[FeatureReq - Partner Center] Programmatically Renew API Keys in Publish API v1.1

Open gabriel-stackhouse opened this issue 1 year ago • 3 comments

Is your feature request related to a problem? Please describe.

I understand that a recent change was made to move from access tokens to rotating API keys to enhance the security of the Microsoft Edge Publish API. These API keys now expire every 72 days to reduce the risk of compromised credentials.

As it stands, there is no way to renew these keys programmatically. This means that every 72 days, a developer must manually log into the Partner Center, regenerate the API keys, and then manually update them in their CI/CD pipelines.

This manual process presents several challenges:

  • Increased Risk of Human Error: Manual key rotation increases the likelihood of mistakes, such as misconfiguration, forgetting to update the keys in all necessary locations, or forgetting to renew the keys entirely.
  • Scalability Issues: For small teams or projects that are maintained infrequently, this requirement adds an unnecessary operational burden.
  • Potential Security Risks: Ironically, the manual process may introduce security risks if keys are shared insecurely during the update process.

Describe the solution you'd like

I would like to have a way to programmatically renew API keys through an API endpoint or automation script.

Implementing this feature would:

  • Enhance security by allowing for more frequent key rotations without additional manual overhead.
  • Reduce the risk of deployment failures due to expired keys.

gabriel-stackhouse Nov 04 '24 22:11

Hey @gabriel-stackhouse, thank you for your suggestion. We are looking into this and will let you know as soon as we have an update from our team.

Thank you.

ManikanthMSFT Nov 05 '24 11:11

Hi @gabriel-stackhouse, we got an update from our team and would like to inform you that we have added this feature request to our upcoming feature list. However, at this time, we cannot commit to an exact timeline for its implementation. Rest assured, we recognize the importance of this feature and will prioritize it accordingly.

Thank you for your understanding and patience.

ManikanthMSFT Nov 18 '24 12:11

@ManikanthMSFT Thank you for the update - I look forward to this feature being implemented!

gabriel-stackhouse Nov 18 '24 20:11

Hi @gabriel-stackhouse

I am Rahul from the Microsoft Edge Extensions Developer Support team.

Just to keep you in the loop—this feature request hasn’t been scheduled yet. It’s likely to be reviewed in the next planning cycle.

Also, this issue appears to be a duplicate of #272, which also discusses the challenges of manual API key renewal and its impact on CI/CD workflows. So, to keep the discussion centralized, I’m closing this issue in favor of #272.

Going forward, I’ll be sharing all updates related to this issue in #272. Please refer to that thread for the latest information, and feel free to contribute any suggestions or questions there. Thanks for your patience and understanding!

Rahul-Bauri Aug 07 '25 07:08