textileio/textile

Feature Request - Domain Whitelisting


Add the ability to whitelist API keys / tokens to specified origins. (Might also be cool to support apps hosted at a specific IPFS hash or in some specified Bucket)

This will help avoid unauthorized or non-intentional usage of the token, potentially incurring unexpected charges.

On this front, I can create a separate issue, but it would also be worth having granularity in the requests the API allows. Consider something like [image] where an identifier is generated which specifies which methods the token will be allowed to use. This way, when the client is created in the libraries, it can reject right away if the provided permissions node doesn't match the allowed methods for that key. This approach can help with debugging issues and prevent requests that would be rejected later anyway.
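
A sketch of the server-side check this request describes, added here as an example and not Textile code: a per-key policy holding allowed origins and allowed methods, denying by default. `KeyPolicy`, `normalizeOrigin`, `Authorize`, the origins and the method names are all hypothetical. Because only browsers set the `Origin` header reliably and other clients can send any value, the origin check limits use of a key from other web pages and does not authenticate the caller.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// KeyPolicy is a hypothetical per-key record (not a Textile type).
type KeyPolicy struct {
	Origins map[string]bool // normalized "scheme://host[:port]"
	Methods map[string]bool // method names the key may call
}

// normalizeOrigin accepts only a bare http(s) origin (no path, userinfo, "null") and drops default ports.
func normalizeOrigin(raw string) (string, error) {
	u, err := url.Parse(raw)
	if err != nil || u.Host == "" || u.User != nil || u.Path != "" || u.RawQuery != "" || u.Fragment != "" {
		return "", fmt.Errorf("%q is not a bare origin", raw)
	}
	host := strings.ToLower(u.Host)
	switch u.Scheme {
	case "https":
		host = strings.TrimSuffix(host, ":443")
	case "http":
		host = strings.TrimSuffix(host, ":80")
	default:
		return "", fmt.Errorf("unsupported scheme in %q", raw)
	}
	return u.Scheme + "://" + host, nil
}

// Authorize denies by default: exact origin match and listed method only.
func (p KeyPolicy) Authorize(origin, method string) error {
	o, err := normalizeOrigin(origin)
	if err != nil || !p.Origins[o] {
		return fmt.Errorf("origin %q not allowed for this key", origin)
	}
	if !p.Methods[method] {
		return fmt.Errorf("method %q not allowed for this key", method)
	}
	return nil
}

func main() {
	// Constructed sample policy and requests.
	p := KeyPolicy{map[string]bool{"https://app.example.com": true}, map[string]bool{"example.Service/Read": true}}
	fmt.Println(p.Authorize("https://APP.example.com:443", "example.Service/Read"))
	fmt.Println(p.Authorize("https://app.example.com.evil.test", "example.Service/Write"))
}
```

Exact matching on the normalized origin is deliberate: prefix or substring matching would accept look-alike hosts such as `app.example.com.evil.test`.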