Jump to content

Passwordstate API - Allow creation of password lists without system wide api key


Mordecai

Recommended Posts

hi @support

 

for some of our automation use cases, we need the ability to dynamically create password lists. But we don't want to make the System Wide API Key generally known to so many people for this.

 

Can you integrate a way to allow password lists to be created without System Wide API Keys? e.g. by using an API Key on an existing folder?

So you would only have to create a folder for the colleagues, assign an API Key on this folder and with this API Key the employees can create as many password lists in this folder only as they want.


Thanks,
René

 

Link to comment
Share on other sites

  • 5 months later...
On 10/20/2023 at 1:55 AM, Mordecai said:

But we don't want to make the System Wide API Key generally known to so many people for this.

What we do is run the script as a service account (Passwordstate automatically updates the password every XX days); with the Sys Wide API key being a user environment variable in the service account context.

 

the script sets and API variable to that of the environment variable. Doesn’t get captured in logging, doesn’t get committed to Git. 
no one knows the key except security administrator(s) with the required security role, no one can see the key without knowing the service account password. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...