API User credential - automated key rotation via API
Y
Young-Hwan Kim
As a Platform Operator I want to manage and automate my custom integration also using meshcloud API.
This includes the possibility to automate the API User credential rotation.
Possible Scenario:
I create 2 API Users - e.g one for the actual retrieval of data from meshStack and another one for change the API Users credentials.
API User 1 is therefore used for getting the data only based on the permissions and the second API User can only change and retrieve the new API credentials for other API users (also based on the permissions).
This allows me to have short lived credentials for fetching data or integrations and another longer lived credentials to manage my API Users
J
Johannes Rudolph
A similar challenge applies to API Keys, which similarly need to be rotated. Defining them via API would be a reasonable route at least for platform teams.
It's currently a higher priority for us to enable ephemeral API Keys for building block runs as we estimate this will eliminate a lot of use cases for long-lived API keys already.
However we are aware there may be other use cases for automated API Key management and would love to hear from you about them.
meshStack today already allows you to set custom expiration dates on API keys and meshStack notifies responsible workspace owners via email.
Polina Sadykova
Thank you for your interest in improving meshStack and valuable input! Your contribution is much appreciated. Feel free to share the link with others! The more engagement we get on a topic the more likely it is that we will pick this up in the near future