30 Oct 2020 08:43 AM
We are in a situation in which one of our users created some API Token adopted in our Automation pipelines. This user is not using Dynatrace anymore and we are planning to remove his user account.
What happens if we do that? Do we risk to loose all the API Token and to break our Automation Pipelines?
Solved! Go to Solution.
30 Oct 2020 08:56 AM
@Barbara S. Please can you provide more info about this use case?
02 Nov 2020 09:54 AM
Hello @Barbara S. Our use case is that the user acting as "admin" on our DT instance will stop doing that. For our internal security reasons / processes, we don't allow users to create their own Tokens. Only the admin is able to do that.
Since we are about to delete this user, we thought we lost all the tokens but it seems it is not so! The only issue here will be that we will not be able to change the grants to add on each token.
I am wondering if it can make sense to change the logic about how the tokens are managed on Dynatrace. Does it make sense to map each token on a specific user? Generally speaking, we have a lot of other tools having the Token "centralized" (stored on the server with no association with any user) and then only the Admin are able to create / edit / delete them.
Does this last statement make sense for you? In case, I will open an RFE to let you take in consideration my proposal.
Thanks,
30 Oct 2020 12:51 PM
Everything I can find indicates the token will still be active even after the user is deleted so you shouldn't need to worry about breaking any automation. It would be a good idea to go through and create new ones tied back to existing users but this wouldn't be urgent.
06 Nov 2020 02:02 PM
Thx a lot for reaching out! I think there are a few aspects to this:
I hope this answers your questions. Please let us know, if you have further questions.