Replying to self: this is probably unsupported, but: using the TTN Console with “developer tools” active, when adding an access key for “messages” only, it’s easy to see that this explicitly sets
messages:down:w in the payload. By removing the newly created access key and then editing the PU request that created it, I was able to create a key with only
Assuming that this will work, haven’t actually tested this new key yet
The reason why this is important to me: I’m using the HTTP integration for several applications. HTTP integrations require that an access key is selected, and the data posted to an integration actually contains the access key. Since I generally don’t want the HTTP endpoints to send data back to nodes, I prefer to restrict the level of access that the application (or data recipient) has. As as always with security: implement it as close to the endpoint as possible.