Re: [Proposal] Disable API (apikey/secret-key) for users, accounts and domains

Hi Klaus, I am aware of the apikey improvements you are working on which are good to see and look very useful to me. But I don't think our PRs will conflict in functionality or implementation. Individual Api key pairs for a user can be managed by the functionality you are adding, but this featur

Re: [Proposal] Disable API (apikey/secret-key) for users, accounts and domains

That's right. This will be useful for cases where 3rd Party authentication mechanisms are used instead of username-password based. Thanks, Abhisar From: Nux Sent: Wednesday, September 25, 2024 5:02 AM To: us...@cloudstack.apache.org Cc: dev@cloudstack.apache

Re: [Proposal] Disable API (apikey/secret-key) for users, accounts and domains

Potential use-cases could be when there are organisations who want to disable API-based access using external auth integrations like LDAP, SAML or OAuth2. In such setups, sometimes when a user leaves the org - admins would block the auth from the external system (LDAP/SAML etc.) but they may con

Re: [Proposal] Disable API (apikey/secret-key) for users, accounts and domains

Alright, thanks for clarifying. It would have been nice to be able to disallow API access completely to certain users, but this would also kill UI access for them. :/ On 2024-09-25 10:46, Rohit Yadav wrote: Potential use-cases could be when there are organisations who want to disable API-base

RE: [Proposal] Disable API (apikey/secret-key) for users, accounts and domains

Hi folks, Just pointing out that we are also working on a PR aiming to extend the API Key pair functionality (https://github.com/apache/cloudstack/pull/9504 ), including API Key deletion. It addresses the user leaving an org problem by invalidatin