Open for Voting
over 1 year ago

Provide token-based authentication for API access

Slack, and a whole bunch of other cloud-based sevrices allow you to generate API keys that can be used for application/API integration.

Create and regenerate API tokens – Slack Help Center

I'd like solarwinds to support the generation of an API key that can be used for authentiction so we do not need to hardcode usernames and passwords into scripts/configuration files.

we would not then need to have a whole bunch of user/application accounts and passwords that then need to get audited

this would overcome the plethora of authentciation methods (e.g. AD, local user, etc.) and apiaccess could be simply revoked if the token is compromised.

Also: I've had the situation with AD-related accounts failed authentication at some point for some reason and I could never get them to work again. switching to a local account fixed that issue for my scripts.

implemenation idea:

an admin-level user would pick a user account with the aproproatepriviledges and use that to generat an API token that could be presented and would be used as if it was that user.

they would be able to revoke an API token, check when it was last used