Zuplo Changelog

We release improvements, new features, and fixes daily. Follow along here to see the most important updates.

ALL
DEV EXPERIENCE
DEV PORTAL
DOCS
MONETIZATION
PERFORMANCE
POLICY
PORTAL
RUNTIME
SECURITY

Support for Multifactor Authentication (MFA)

You can now enable multifactor authentication (MFA) to add an extra layer of security to your Zuplo account. MFA requires a second form of verification, such as an authenticator app or security key, in addition to your password.

Zuplo Multifactor Authentication settings screen showing three MFA options: One-time Password, WebAuthn with FIDO Security Keys (enrolled), and WebAuthn with FIDO Device Biometrics. Each option has an Enroll or Remove button.

To enable MFA:

  • Go to your user profile by clicking your avatar in the top right corner of the Zuplo Portal and selecting Profile
  • Find the Multifactor Authentication section
  • Click Enroll on the method you want to use (authenticator app or security key)
  • Follow the setup instructions for your chosen method

Once enabled, you'll be prompted to enter your second factor when logging in to you Zuplo account.

For more details, see the Multifactor Authentication documentation.

Role-Based Access Control (RBAC)

Role-Based Access Control allows you to assign specific roles to users who access the Zuplo Portal. These roles determine the permissions that users have and the actions they can perform. For example, you can assign roles such as "Admin", "Developer", or "Viewer", each with different levels of access to resources and functionality.

With RBAC, you can:

  • Assign roles to users based on their responsibilities and access requirements.
  • Limit access to production resources to only select users.
  • Enable more users access to the Zuplo Portal, such as API Analytics, without compromising security.

See the Account Members & Roles documentation for more information.

Account Members

Fine-Grained API Keys

Developers can use Zuplo's CLI and API to automate tasks with the Zuplo platform. For example, you can create a custom CI/CD process to publish your Zuplo API or automate the management of environment variables. Previously, each account had only a single API key, which granted full access to all resources and functionality. With Fine-Grained API Keys, you can create multiple API keys with limited permissions.

These new capabilities allow:

  • Create API keys with specific permissions for specific tasks, environments, or projects.
  • Set expiration dates on API Keys to ensure that they are only valid for a limited time.
  • Administrators can view and manage all API keys in the Zuplo portal to maintain security of their resources.

See the Zuplo API Key documentation for more information.

Create API Key