Application API - Not showing API keys created by other admins #5175

JustinPooters opened this issue Jul 31, 2024 · 3 comments
Labels
not confirmed Report seems plausible but requires additional testing or 3rd part confirmation.

Comments

@JustinPooters

Current Behavior

When I create an Application API key from the Admin dashboard, other admins can't see the keys I made (and I can't see theirs). I've also confirmed this on another server. Same issue.

Expected Behavior

I'd expect on the application api page every admin sees all API keys.

Steps to Reproduce

  1. Create an Application API key.
  2. Log in with another user.
  3. It's not there.

Panel Version

1.11.7

Wings Version

1.11.13

Games and/or Eggs Affected

None

Docker Image

None

Error Logs

Not relevant.

Is there an existing issue for this?

  • I have searched the existing issues before opening this issue.
  • I have provided all relevant details, including the specific game and Docker images I am using if this issue is related to running a server.
  • I have checked in the Discord server and believe this is a bug with the software, and not a configuration issue with my specific system.
JustinPooters added the "not confirmed" label Jul 31, 2024
@MackenzieMolloy

I believe this is intentional; however, I agree that all Application API keys should be visible to all Admins, since it does pose the potential for malicious users to generate keys without other panel admins noticing.

In the meantime, you can view the api_keys table to see all API Keys - this table does also include normal User API Keys.
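
An added example, not part of the original comment and not Pterodactyl's own code: one way to audit the api_keys table so that Application API keys are separated from user keys and matched to their owners. The column names, the `root_admin` flag and the `key_type` value 2 for Application keys are assumptions about the Panel 1.x schema, and the rows are constructed sample data in SQLite; the same query can be run against the panel's real database.

```python
import sqlite3

# Assumed columns (verify against your own schema before relying on them):
#   users(id, username, root_admin)
#   api_keys(user_id, key_type, identifier, memo, last_used_at, created_at)
APPLICATION_KEY_TYPE = 2  # assumption: 2 = Application API key, 1 = user key

AUDIT_SQL = """
SELECT k.identifier, k.memo, u.username, u.root_admin, k.last_used_at
FROM api_keys AS k
LEFT JOIN users AS u ON u.id = k.user_id
WHERE k.key_type = ?
ORDER BY k.created_at
"""

def audit_application_keys(conn):
    """List every Application API key with its owner and a review status."""
    findings = []
    for ident, memo, owner, is_admin, last_used in conn.execute(
            AUDIT_SQL, (APPLICATION_KEY_TYPE,)):
        if owner is None:
            status = "owner account missing"
        elif not is_admin:
            status = "owner is not an admin"
        else:
            status = "ok"
        findings.append({"identifier": ident, "memo": memo, "owner": owner,
                         "last_used_at": last_used, "status": status})
    return findings

def build_sample_db():
    """Constructed sample rows; none of these values come from a real panel."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, root_admin INTEGER);
        CREATE TABLE api_keys (user_id INTEGER, key_type INTEGER, identifier TEXT,
                               memo TEXT, last_used_at TEXT, created_at TEXT);
        INSERT INTO users VALUES (1,'alice',1), (2,'bob',0), (3,'carol',1);
        INSERT INTO api_keys VALUES
          (1, 2, 'sample_app_01', 'billing sync', '2024-07-30', '2024-01-05'),
          (2, 2, 'sample_app_02', 'old automation', NULL, '2024-02-01'),
          (3, 1, 'sample_usr_03', 'personal key', '2024-07-29', '2024-02-10'),
          (9, 2, 'sample_app_04', 'unknown', NULL, '2024-03-01');
    """)
    return conn

if __name__ == "__main__":
    for row in audit_application_keys(build_sample_db()):
        print(row)
```

Any row whose status is not "ok" is a key to review and revoke as part of admin offboarding.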

@JustinPooters

That was exactly my worry. We use Pterodactyl for our game servers. If we dismiss someone who had admin rights and they still have an active API key, it could be exploited for malicious purposes.

@MackenzieMolloy

MackenzieMolloy commented Jul 31, 2024

I'll make a PR later today to adjust this behaviour for you.

I'm not sure if the Pterodactyl team will merge it as, like I said, I think the current functionality is intentional.

If you don't know how to build the source files, feel free to reach out to me on Discord ('wackenzie' is my tag).

Happy to help.
