created idea GOV-I-4006 . Vote for it.
Yeah, already voted @vishal_kejriwal1
2 Likes
And just to continue the idea… Assuming we can now self-reference ISC’s PATs from workflows, if we can have a “Cycle client secret frequency” option (“never”, “every 6 hours”, “every day”, …etc) against each PAT, individually (e.g. depending on the PAT’s scopes and / or associated risk). Then that would be awesome. It’s self-cycling, and self-referencing.
1 Like
Presently, you have to login as the user to create the first PAT. From there, you can use the API to create additional PATs for that user. I can’t speak to if/when the product will prioritize better service account management, but I have been thinking about ways to make this easier through the SailPoint CLI. I’m considering the possibility of adding service account management commands to the CLI to automate much of this process. This topic is a great source of pain points and ideas to incorporate in a CLI command.
As a side note, it may be a better approach to expand the number of API endpoints the client credentials grant type can access so it can be used in automations rather than relying on PATs.
1 Like
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.