Would be very needed ability to restrict developer API token usage only by IP(s) specified by customer. Since developer API gives amazing features for automation, at the same time it's extremely dangerous if token compromised or leaked. Also nowadays even most mobile network carriers offer static IP feature for mobile internet and therefore IP based restriction(white list) is very reasonable for extra security layer.
Developer API is also very useful for cPanel etc modules, so that automated actions over developer API are done from VPS/Cloud/Dedicated server itself, that also has static IP. IP based restrictions could be configurable by customer itself and also as option(mean that may also run without restrictions related to IP at customer's choice).
It would be great peace for both hosting company and customers, as IP white list restrictions make huge security improvement for developer API token and limit possibilities for any attacks.
thanks a lot for detailed request. We'll place this in our roadmap.
Customer support service by UserEcho