PAT and API keys validity

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hi

Is there any validity date/expiration date of the PAT and API keys in ISC?

I am trying to understand how API keys/PAT are auto revoked in SailPoint when they are dormant for a long time. Is there a process for cleanup of such accounts/non-human identities/keys.

PS: I have already read the service account management best practices whitepaper in IIQ and have that already in place for one client, using IIQ. This question is not for service accounts, but for other NHIs like API keys and PATs.

Regards
Arshdeep

2

I don’t think there is any validity associated with PAT or API Keys in ISC. You can definitely use the endpoint to find out the api or pat associated with a terminated users and delete them

3

{{baseUrl}}/personal-access-tokens

[
    {
        "id": "c1bXXXXXXXXXXXXXXX29",
        "name": "vkejriwal-PTA-default",
        "scope": [
            "sp:scopes:all"
        ],
        "created": "2024-09-18T14:42:53.432Z",
        "owner": {
            "id": "65cfefaYYYYYYYY6338b",
            "type": "IDENTITY",
            "name": "vishalkejriwal"
        },
        "managed": false,
        "lastUsed": "2024-09-27T01:34:34.155Z"
    }
]

I see option of last used and also have associated user information , WF can be created to read the required data and based on the logic it can be cleanup using

{{baseUrl}}/personal-access-tokens/:id:

4

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.