Skip to main content

Hi,

I have been reading about API keys here: https://success.clarizen.com/hc/en-us/articles/360011833079-API-Keys-Support and have hope someone here has experience about key management, especially with respect to their expiry.

The systems I will be having to give API access into AdaptiveWork are likely to be externally managed, so there will be time and cost associated with changing keys, and I am obviously trying to avoid any time periods where the external system cannot access AdaptiveWork.

I understand how to create an API key, but see that it has an expiry set on it by default of, I think, a year. Is there any way to create a key with a longer expiry (so I don’t need to worry about this ever ideally)?

If not, is there any way to extend the expiry date so a fresh key is not required? (and ideally generate a reminder that it needs doing).

If not is there a way to generate another key while the first key is still active - is this the intended usage of the secondary key?

N.B. I am asking about this from an operational point of view, and understand that extending keys may not be recommended from a security point of view, though I would argue that the difference in risk from a security point of view between a key valid for a year and one valid forever is minimal. 

Thanks

Julian

Be the first to reply!

Reply