Is there a way to limit the # of access credentials created

When an app is created by a developer through the Apigee Developer portal, is there any way to limit the # of credentials that the developer can create?

Thx



May I ask what you mean by the # of credentials? Currently there aren't controls to limit the number of apps or keys that a developer can create. I'm curious to understand the reasons behind the question, too--why would you want to limit these?

Sure ... The # of credentials for an App.

Allowing for, what appears to be, an unfettered ability to create a limitless # of app credentials seems akin to allowing someone to create an unlimited # of keys to my house without my knowledge that they're being created. Understandably the house key analogy isn't the best because you could share the one credential many times over (unlike a physical key); it's more of trying to manage how many are out in the interwebs. It's just easier to manage 1 key than it would be to manage more than 1 ... possibly a lot more than 1.

Of course if we see a proliferation of credentials being generated for 1 or more apps I imagine our security team is going to freak. And then we will need to take some action, but we won't know any of this until we go look.

Also (a bit off topic), I've noticed that app credentials created when an app is created always have an expire date of Never, but when creating credentials for an app through the Portal admin GUI you are allowed to provide a custom expire date. It would be cool if we could decide the expire date (some default ... say 90 days) for credentials that are created by the dev user when an app is created.

Setting a key TTL is a story in our backlog. As for limiting keys, you could use the APIs to count the number of keys and warn folks when they'd reached a threshold (not a great workaround, but doable), but there is no limit enforced today on the number of keys. I'm not aware of any specific customer example where this has been an issue through the years.

Appreciate the update on the TTL backlog. Using the API is definitely something I've considered as an option to monitor the # of credentials. Like you said .. not optimal, but doable. So looks like we'll go that route if asked.
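The count-and-warn workaround discussed in this thread could look like the sketch below, which is an added example and not code from any poster or from Apigee. It assumes the management API's expanded app listing returns an `app` array whose entries carry `credentials` with `status` and `expiresAt` fields (`-1` meaning no expiry); the sample data and the threshold are constructed.

```python
import json

# Constructed sample shaped like an expanded "list apps" response from the
# management API (assumed shape; not captured from a real organization).
SAMPLE = json.loads("""
{"app": [
  {"name": "orders-app", "developerId": "dev-001", "credentials": [
    {"consumerKey": "k1", "status": "approved", "expiresAt": -1},
    {"consumerKey": "k2", "status": "approved", "expiresAt": -1},
    {"consumerKey": "k3", "status": "revoked",  "expiresAt": -1},
    {"consumerKey": "k4", "status": "approved", "expiresAt": 1767225600000}
  ]},
  {"name": "reports-app", "developerId": "dev-002", "credentials": [
    {"consumerKey": "k5", "status": "approved", "expiresAt": 1767225600000}
  ]}
]}
""")

MAX_ACTIVE_KEYS = 2  # hypothetical threshold agreed with the security team


def audit_apps(apps_response, max_active=MAX_ACTIVE_KEYS):
    """Return one finding per app that exceeds the active-key threshold
    or holds approved keys that never expire."""
    findings = []
    for app in apps_response.get("app", []):
        creds = app.get("credentials") or []
        # Revoked keys no longer grant access, so only approved ones count.
        active = [c for c in creds if c.get("status") == "approved"]
        # A missing expiresAt is treated as "never expires" (fail closed).
        never = [c["consumerKey"] for c in active
                 if c.get("expiresAt", -1) == -1]
        over_limit = len(active) > max_active
        if over_limit or never:
            findings.append({
                "app": app.get("name"),
                "developerId": app.get("developerId"),
                "active_keys": len(active),
                "over_limit": over_limit,
                "never_expiring": never,
            })
    return findings


if __name__ == "__main__":
    for finding in audit_apps(SAMPLE):
        print(finding)
```

Run on a schedule against the live listing, the findings can feed an alert so that key growth is noticed without someone having to go look.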