API that re-generates the Knowledge Base Assistant API key
under review
Y
Yacht club Boa
Currently, the API key can be regenerated only through a manual process inside the document360 portal. This makes this key un-secured. This key has an unlimited lifetime and if we won't regenerate it, then someone with access to it will permanently have access to our documentation. If we will have the option to regenerate this API key through an API, then we could regenerate it automatically once a week and automatically update our codebase with the new key, which will make it much more secure, and allow anyone who has this key only a max of 1 week access.
Log In
A
Alive Salamander
My organization is interested in similar functionality. We would like the API key for the widget to be encrypted. A key that autogenerates once weekly would also work for my organization to improve the security here.
C
Complete Hummingbird
Is there an update on this ticket? Without this, the content in the KB Assistant is exposed to a security threat. You cannot expect us to manually replace the API key every time.
M
Magnificent Grasshopper
marked this post as
under review
M
Magnificent Grasshopper
Yacht club Boa only the authorized users can be accessing the settings and that is completely with portal admin / owner to choose the relevant user, so there cannot be much of security issue to authorize the usage. However, a lifetime for the generated token we can consider. Thank you.
Y
Yacht club Boa
Magnificent Grasshopper: Can you consider a 7 day lifetime for the API token? Can you create a system reminder to alert 48 hours before the token will expire?