×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
arifsaha
Observer
Member since: ‎10-18-2023
‎10-18-2023
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-18-2023
Activity Feed
View All

Token vs Username+Passphrase for REST API to Dedic...

by in Security
‎10-18-2023 10:37 AM
‎10-18-2023 10:37 AM
Hi! I am wondering whether there are any advantage to use token over username and passphrase/password when accessing REST API to a dedicated API user (whose access to credential is the same as access to the token). In our practices for automated API calls, we like to provide enough resources for the API call but nothing more, and therefore we ended up creating a dedicated functional user in our instance in Splunk Cloud for each function a program or a group of closely related programs need to do through API calls. Consequently, in almost all the cases there is only a single token needed per functional user. Everyone that need to maintain those programs for that function will have access to both the credential of that functional user and that single token, as those team member need to login as the user to test their queries. Therefore there are no isolation of access between token and user credential. So in this case, are there any advantage to create and use the token over just using username and passphrase/password? Thank you! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-18-2023 10:11 AM