View and expire Fleet Manager API Keys in UI #109
Assignees
Labels
feature
New feature or request
Comments
|
Hi @bradjolicoeur , great suggestion 🙂 Let me just think a little bit about how a feature like this could be made. |
|
I think just a masked view of the last few characters of the key to start with would be a really nice improvement if the other features involve too much work. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The user interface allows for creating API keys, however there is no way to see a list of the keys that have already been created or an ability to invalidate an API Key. This is problematic in a scenario where there is a breach and all keys would need to be invalidated and reissued. I'm guessing that one could open up MongoDB and delete them, however that would take specialized knowledge and in a breach scenario time is of the essence.
I'm looking for a list of keys with the datetime stamp and user that created them, status of the key and maybe a masked view of the last few characters of the key. Each valid key should have option to invalidate the key.
This is probably something we would also want available in CLI/API so that it could be scripted for scheduled key rotations.
The text was updated successfully, but these errors were encountered: