Idea Details

Prevent all Portal users from meanly changing application's client secrets

Last activity 2 days ago
Simon Laverdiere's profile image
12-03-2019 02:38 PM

In the Dev Portal, we noticed that, even if Administration > Request Settings > Edit Application Request Workflow is Enabled, Org Admin and Developer users can reset Application Client Secrets without any approval process and without any backtrack possibility.

There is a confirmation asked in "Publish > Apps > application Edit > Auth > Request New Shared Secret" but none in "Develop > View All Applications > application > Configuration > Shared Secret > Reset".

Also, even if "Edit Application Request Workflow" is Enabled, we noticed Org Admin users can Delete applications without any approval as well.

Even if these facilities were set by design, the ability to change Client Secrets and delete applications so easily may allow quick fixing of an unwanted access to APIs by a compromised application, it can also compromise access to APIs by a legitimate application, causing any conceivable impact on production.

So, in order to prevent any unwanted application changes, we unfortunately can't allow Org Admin and Developer users access to Production environment, depriving them access to API and Application details, API swagger files and use API Explorer and Analytics.

Like other Application changes, it should be possible to manage ability to delete Applications and change Client Secrets through an approval process.


Comments

2 days ago

​​Allowing customers to define their own roles/access, could be a good improvement that will address this case.