Provide token-based authentication for API access

score 21
Voted on 21 times. You have not voted. Open for Voting

Slack, and a whole bunch of other cloud-based sevrices allow you to generate API keys that can be used for application/API integration.

Create and regenerate API tokens – Slack Help Center

 

I'd like solarwinds to support the generation of an API key that can be used for authentiction so we do not need to hardcode usernames and passwords into scripts/configuration files.

we would not then need to have a whole bunch of user/application accounts and passwords that then need to get audited

 

this would overcome the plethora of authentciation methods (e.g. AD, local user, etc.) and apiaccess could be simply revoked if the token is compromised.

Also: I've had the situation with AD-related accounts failed authentication at some point for some reason and I could never get them to work again. switching to a local account fixed that issue for my scripts.

 

implemenation idea:

an admin-level user would pick a user account with the aproproatepriviledges and use that to generat an API token that could be presented and would be used as if it was that user.

they would be able to revoke an API token, check when it was last used

Comments

Vote history

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.