Mordecai Posted October 19, 2023 Share Posted October 19, 2023 hi @support for some of our automation use cases, we need the ability to dynamically create password lists. But we don't want to make the System Wide API Key generally known to so many people for this. Can you integrate a way to allow password lists to be created without System Wide API Keys? e.g. by using an API Key on an existing folder? So you would only have to create a folder for the colleagues, assign an API Key on this folder and with this API Key the employees can create as many password lists in this folder only as they want. Thanks, René Link to comment Share on other sites More sharing options...
Sarge Posted March 27 Share Posted March 27 On 10/20/2023 at 1:55 AM, Mordecai said: But we don't want to make the System Wide API Key generally known to so many people for this. What we do is run the script as a service account (Passwordstate automatically updates the password every XX days); with the Sys Wide API key being a user environment variable in the service account context. the script sets and API variable to that of the environment variable. Doesn’t get captured in logging, doesn’t get committed to Git. no one knows the key except security administrator(s) with the required security role, no one can see the key without knowing the service account password. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now