Access Keys and User Deactivation

Follow

Lee George

• January 19, 2021 15:40

Hi,

I am looking to use the Search API.

My understanding is that access keys are directly linked to a specific user login. Logically, if the user leaves the organization and the login is deactivated then the access key will stop working. Any tools utilizing the access key will then stop working.

Can anyone confirm if my understanding above is accurate?

If I am correct, is there a recommended design pattern for API security access? Should we create a system user(s) account that would not be deactivated?    

Thanks

0

• 

  Shobhit Garg

  • January 20, 2021 06:19

  Hi Lee,

   

  You are absolutely correct, if the associated user is deactivated or delete then his/her corresponding key wont work and any application using that key will stop working.

  https://help.sumologic.com/Manage/Users-and-Roles/Manage-Users/11-Delete-a-User

          The deleted user’s Access Keys are removed and cannot be restored.

  https://help.sumologic.com/Manage/Users-and-Roles/Manage-Users/09-Deactivate-or-Activate-a-User

          Access keys are deactivated for the user

  We have a new feature called "Installation Tokens" with the sole purpose of installing collectors. This feature is currently in Beta testing and I don't have a date for general release yet. For more information about this, please go to https://help.sumologic.com/Beta/Installation_Tokens.

  But this token can only be used for installation of collectors and you can use them in the installation scripts without the worry if the associated user is deleted or disabled.

  Hope this helps.

  Regards

  1

  Comment actions Permalink
• 

  Lee George

  • January 20, 2021 11:35

  Thank you Shobhit. That was a great help.

   

  0

  Comment actions Permalink

Please sign in to leave a comment.