API Key Expiration date
We have a security reqirement that secrets must expire after 2 years.
Therefore it would be awesome if MongoDB Atlas API Keys would support an expiration date.
Somethig similar exists for the IP Whitelisting. Here we have the option to remove IP Whitelist entries after er certain time period. But for API Keys it would be better to have an expiration date and keep the API Key in the list even if its expired.
In addition it would be good to have a daily notification once the expiration date is ahead less than 30 day.
Alexander
shared this idea
-
Hello!
We just added support for Service Accounts using OAuth2.0 as an authentication protocol for the Atlas Admin API. It's currently in Public Preview.
With this new feature, client secrets associated with service accounts have a configurable expiration date (min of 8 hours, max of 365 days).
Tokens created with client credentials have a default time-to-live of 1 hour.
When this feature launches to General Availability, alerting will be in place for client secret expiration configurable for your organization.
Please take a look at the documentation and as always thank you for the feedback!
-
Rodrigo
commented
I am awaiting for this feature as well
-
Luke
commented
Being able to timebox access would be very helpful for our teams
-
Mikhail Advani
commented
Very useful feature to have. Additionally, alerts on API keys that have not been used for a certain period would also be very useful.
-
Brian
commented
Very important feature to have as our enterprise security policy requires api keys have expiration period
-
Frank
commented
I agree this is very important one. I wish we can have this asap.
-
reshma
commented
Its very important to maintain the security of the bank.
-
Jason
commented
I agree with this one. An Alert with a setting to inform when api keys are aging (60, 90, 120 days). Currently we have no visibility into how old access keys are without going through the console.
