Jump to content
Sign in to follow this  
enigmatic

User APIKey

Recommended Posts

We have multiple password lists.

Lists are grouped in folders.

Folders have access control enabled with different people assigned to each one.

Each list can be accessed by API using per list APIKey.

 

If we use the same APIKey then everyone who needs to have automated access to one of them has access to all of them.

If we use different APIKeys for each list then we preserve per folder access, but automatic access gets more complicated since we have to juggle both Passwordlist ID and APIKey (that should be secret and can't be stored in repo - like "hey before running this, set these 5 different apikey secret variables and don't write it down or check it in")

 

What would be nice if there was a per user APIKey that would allow access to API like "/api/passwords/${LIST_ID}?QueryAll".

This way everyone could run automated scripts and have access to all the password lists that they are assigned access to in Passwordstate by setting a single UserAPIKey environment/Header variable, and let Passwordstate to handle access control.

Share this post


Link to post
Share on other sites

Hello,

Thanks for your feedback. We're not sure if you're able to use it or not, but have you considered our Windows Integrated API - this does not need any API Keys, and gives you the same level of access as when you log into Passwordstate?

Regards

Click Studios

Share this post


Link to post
Share on other sites

That could solve it as all people involved have windows workstations, but scripts that need to fetch from passwordstate are often run remotely on linux boxes or automatically in response to some defined trigger...

Would it be possible to extract  some sort of auth header created by "Invoke-Restmethod -Method Get -Uri $PasswordstateUrl -UseDefaultCredentials" and reuse it on a different box (for example in curl as a request header)?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...