[db-wg] API keys for database maintenance
- Previous message (by thread): [db-wg] API keys for database maintenance
- Next message (by thread): [db-wg] API keys for database maintenance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tore Anderson
tore at fud.no
Fri Mar 20 11:38:13 CET 2020
* Gunnar Guðvarðarson via db-wg > My main issue with API Keys is them being attached to SSO accounts. What about when the employee leaves the company? > He gets removed from auth on the mntner, all the apps he set-up break? Making admins hesitant about removing user access. > > API access needs to be bound to the mntner in some form imho. Agreed. Well, one does not need to rule out the other - it ought to be possible to support both personal API keys (bound to an SSO account) and impersonal API keys (bound to an LIR and/or mntner). For what it is worth, the current API keys implementation *appears* to be impersonal, i.e., my colleague can see the API keys I created and vice versa. However, we can also see who created the keys in the first place. I did not test to see if all keys created by a specific user account would be removed if that user account is deleted or removed from the LIR account. Tore
- Previous message (by thread): [db-wg] API keys for database maintenance
- Next message (by thread): [db-wg] API keys for database maintenance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]