It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×42,877
×10,962
×7,469
×4,715
×3,954

question asked: Mar 07 '18, 6:39 a.m.
question was seen: 2,498 times
last updated: Mar 12 '18, 9:17 a.m.

Related questions

Is there any way I can add bulk users to RTC application without sharing admin credentials to third party support team?

0
R Z (1273453) | asked Mar 07 '18, 6:39 a.m.
edited Mar 07 '18, 6:40 a.m.

Is there any way I can add bulk users to RTC application without sharing admin credentials to third party support team?

I would like to automate the process. Any help would be highly appreciated.

Thanks

Comments
Donald Nong commented Mar 08 '18, 10:03 p.m.

What is the use case? Note that when you share the admin credentials (encrypted or not) with the third party, he can do a lot more than just add bulk users.

R Z commented Mar 12 '18, 4:46 a.m. | edited Mar 12 '18, 9:10 a.m.

We have third party group who usually handles L1 requests like adding/importing users to JAZZ Applications.

Due to security policy, we can't give JAZZ admin access to third party group anymore. It need to be managed internally now.

I am checking the possibilities if there is any way we can add users without revealing password or credentials.

Any thoughts here....API or any custom solution?

Thank you

Geoffrey Clemm commented Mar 12 '18, 9:17 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

When you say "without revealing password or credentials", I assume you are referring to the password or credentials of existing admin users?    You of course would never want to reveal passwords or credentials of existing admin users to third parties.

One answer

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Ulf Arne Bister (1.3k413) | answered Mar 12 '18, 7:54 a.m.

Hi,
you would have to build a service around the API and expose that in a secure way. One possible lightweight way might be to introduce certain work items as service requests and either use fields or attached csv files to get picked up by a post status change trigger. This trigger then would use the API to add / modify users. By using roles/permissions/access groups you could ensure only authorized persons can create such requests or save the action on these requests that triggers the actual user creation.

Feasible approach for your use case?

gg,
Arne

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.