Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-96

Ability to manage API token creation as an organization admin

XMLWordPrintable

    • 180

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      Atlassian accounts are able to generate API tokens for use with Jira and Confluence cloud APIs. At the moment, org admins can only revoke these tokens but they cannot enforce policies on the token usage of their managed accounts.

      Suggested Solution

      If a user belongs to an organization, give admins the following abilities:

      • Enable or block a managed account from issuing tokens
      • Make the creation of API tokens admin-only
      • Log or track the creation of API tokens (such as in audit logs) 
      • Set a default expiration for the tokens that can be created (ie, 1 week, unlimited not allowed). see ID-7825
      • Have the ability to extract a report of all users that currently have API tokens
      • Track whether API Keys are used by User in any project
      • Track report on API Keys usage.

            [ACCESS-96] Ability to manage API token creation as an organization admin

            Mathias Richter made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 899266 ]
            Kat N made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 888244 ]
            Rodrigo B. made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 854019 ]
            Stefan Scorse made changes -
            Resolution New: Done [ 17 ]
            Status Original: Waiting for Release [ 12075 ] New: Closed [ 6 ]

            Stefan Scorse added a comment -

            Hi all,

            Marking this ticket as completed.

            Please see this page https://www.atlassian.com/software/access/guide/api-token-controls#why-use-api-token-controls on how to use the feature.

            If you have any questions or feedback please email me at sscorse@atlassian.com

            Thanks,
            Stefan

            Stefan Scorse added a comment - Hi all, Marking this ticket as completed. Please see this page https://www.atlassian.com/software/access/guide/api-token-controls#why-use-api-token-controls on how to use the feature. If you have any questions or feedback please email me at sscorse@atlassian.com Thanks, Stefan
            Stefan Scorse made changes -
            Status Original: In Progress [ 3 ] New: Waiting for Release [ 12075 ]

            Diego Borba added a comment -

            https://www.atlassian.com/software/access/guide/api-token-controls#why-use-api-token-controls

            Diego Borba added a comment - https://www.atlassian.com/software/access/guide/api-token-controls#why-use-api-token-controls
            SET Analytics Bot made changes -
            Support reference count Original: 179 New: 180
            Arvind Kishore made changes -
            Description Original: h3. Problem Definition

            Atlassian accounts are able to generate API tokens for use with Jira and Confluence cloud APIs. At the moment, org admins can only revoke these tokens but they cannot enforce policies on the token usage of their managed accounts.
            h3. Suggested Solution

            If a user belongs to an organization, give admins the following abilities:
             * Enable or block a managed account from issuing tokens
             * Make the creation of API tokens admin-only
             * Log or track the creation of API tokens (such as in audit logs) 
             * Set a default expiration for the tokens that can be created (ie, 1 week, unlimited not allowed). see ID-7825
             * Have the ability to extract a report of all users that currently have API tokens             		New: h3. Problem Definition

            Atlassian accounts are able to generate API tokens for use with Jira and Confluence cloud APIs. At the moment, org admins can only revoke these tokens but they cannot enforce policies on the token usage of their managed accounts.
            h3. Suggested Solution

            If a user belongs to an organization, give admins the following abilities:
             * Enable or block a managed account from issuing tokens
             * Make the creation of API tokens admin-only
             * Log or track the creation of API tokens (such as in audit logs) 
             * Set a default expiration for the tokens that can be created (ie, 1 week, unlimited not allowed). see ID-7825
             * Have the ability to extract a report of all users that currently have API tokens
             * Track whether API Keys are used by User in any project
             * Track report on API Keys usage.
            kitkat (Inactive) made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 832677 ]

              2015ae912494 Stefan Scorse
              kyamamoto@atlassian.com K. Yamamoto
              Votes:
              167 Vote for this issue
              Watchers:
              173 Start watching this issue

                Created:
                Updated:
                Resolved: