The Apidog client supports security controls for certain operations that involve local resource access or code execution capabilities. In the Security settings, you can preconfigure the range of capabilities available to trusted projects. If a project has not been pre-authorized but triggers a related operation, the client will display a confirmation prompt before execution and continue only after the user confirms.Security settings help reduce the risk of sensitive capabilities being misused or invoked unexpectedly, making local capability calls more controllable.Access Security Settings#
You can access Security settings through the following path:1
Open the Apidog client and click the Settings icon in the upper-right corner
2
Select Security in Preferences
3
On the Security page, configure the authorization scope for capabilities such as database connections, calling external programs, and dynamically loading npm packages
Authorization Confirmation for High-Risk Operations#
Some capabilities involve local resource access, external program calls, or third-party dependency loading. To reduce the risk of misuse, Apidog adds a security authorization confirmation mechanism for these operations.Currently supported configurable capabilities include:Database connections: Controls whether a project can use configured database connections in pre- or post-operation scripts, reducing the risk of unauthorized projects or scripts accessing database resources, or accessing intranet resources through an SSH tunnel
Calling external programs: Controls whether a project can call scripts or executable code files in the External Programs directory, reducing the risk of local programs being invoked unexpectedly
Dynamically loading npm packages: Controls whether a project can install and load npm packages during runtime, reducing security risks caused by misuse of third-party dependencies
Static Configuration: Pre-authorize Trusted Projects#
If you confirm that a project needs to use capabilities such as database connections, calling external programs, or dynamically loading npm packages, you can add the project under Authorized Projects for the corresponding capability.After configuration, authorized projects can use the corresponding capability according to the current authorization rules.We recommend enabling these capabilities only for trusted projects and regularly reviewing the authorized project list to prevent projects that are no longer used or no longer trusted from retaining permissions for sensitive capabilities.
Dynamic Authorization: Runtime Authorization Confirmation#
If a project has not been pre-authorized but triggers a related high-risk operation during runtime, the client will display an authorization confirmation prompt before execution.For example, when a project that has not been pre-authorized calls an external program through a pre- or post-operation script, the client will prompt that this operation may bypass the sandbox environment and ask whether to allow the current project to use this capability. The related operation will continue only after the user confirms; if the user cancels, the operation will not continue.This static configuration + dynamic authorization confirmation mechanism adds an extra confirmation step for sensitive capabilities without affecting normal usage.
Restrictions on External Program Calls#
To reduce security risks caused by script execution, Apidog further restricts the scope of external program calls.Now, the client and CLI only allow calling scripts or executable code files in the External Programs directory. In pre- or post-operation scripts, automated workflows, or CLI scenarios, if you need to call an external program, you must first place the relevant script or executable code file in the External Programs directory, and then call it using the corresponding method.This prevents scripts from calling local programs from arbitrary paths and reduces potential security risks caused by overly broad execution boundaries.Restrictions on the command Parameter of executeAsync#
When calling an external script through executeAsync, Apidog also restricts the allowed values of the command parameter to prevent script execution commands from being specified arbitrarily.Currently, command can only be set to python3 when calling Python scripts.If existing scripts depend on other command parameter values, we recommend adjusting the script invocation method according to the new execution rules to avoid affecting existing workflows.Recommendations#
1.
Enable capabilities such as database connections, calling external programs, and dynamically loading npm packages only when necessary, and authorize only trusted projects.
2.
If your automated workflows, pre- or post-operation scripts, or CLI tasks involve external program calls, check whether the script path and command parameter comply with the new execution rules.
3.
If a project no longer needs a capability, promptly disable the corresponding toggle in Security settings or remove the authorized project.
