Allow tracking of Developer Token Usage

GrantSmith
GrantSmith Indiana πŸ₯·

API Tokens are great but difficult to identify which are being used in order to remove unused one for better security. It'd be great if there was a way we could track the different API token usage within our instance.



**Was this post helpful? Click Agree or Like below**

**Did this solve your problem? Accept it as a solution!**
6
6 votes

Submitted Β· Last Updated

Comments

  • jaeW_at_Onyx
    jaeW_at_Onyx Budapest / Portland, OR 🟀

    did you mean developer token as in developer.domo.com

    or access token as in domo -- admin -- access token?


    i think you'd want both and to be able to differentiate between both so users could track API usage

    Jae Wilson
    Check out my πŸŽ₯ Domo Training YouTube Channel πŸ‘¨β€πŸ’»

    **Say "Thanks" by clicking the ❀️ in the post that helped you.
    **Please mark the post that solves your problem by clicking on "Accept as Solution"
  • GrantSmith
    GrantSmith Indiana πŸ₯·

    It would be great for both types of tokens - API Tokens (Admin -> Access Tokens) and Developer Client ID and Secrets (developer.domo.com).



    **Was this post helpful? Click Agree or Like below**

    **Did this solve your problem? Accept it as a solution!**
  • Absolutely agree this is needed from an administrative/governance standpoint. De-provisioning power users carries risk without admin visibility to the developer.domo.com tokens.

  • This is a HUGE liability! Not being able to review how, where, and when tokens are being used not only poses a security risk, it also makes offboarding essentially impossible. We need to have some way of identifying how access tokens are used, especially since they are sometimes used for activities other than their approved purpose.

    DataMaven
    Breaking Down Silos - Building Bridges
    Check out my video!
    **Say "Thanks" by clicking the heart in the post that helped you.
    **Please mark the post that solves your problem by clicking on "Accept as Solution"