I am looking to use the Search API.
My understanding is that access keys are directly linked to a specific user login. Logically, if the user leaves the organization and the login is deactivated then the access key will stop working. Any tools utilizing the access key will then stop working.
Can anyone confirm if my understanding above is accurate?
If I am correct, is there a recommended design pattern for API security access? Should we create a system user(s) account that would not be deactivated?
Please sign in to leave a comment.