API Service Account - Best Practice?

Getting noticed

API Service Account - Best Practice?

Just want some clarification on best practice regarding interacting with third-party applications like Cisco Security Connector and Cisco Umbrella. Currently using my own API key to integrate with these apps. If this was for an actual company and I was to leave the company, or something of that nature, it may cause downtime in order to shift to the replacement hires API key. 


Would best practice be to setup a dashboard admin / dashboard user as a "service account" and use that accounts API key for third-party app integration? Does anyone have any tips around this?

Kind of a big deal

Re: API Service Account - Best Practice?

In my office, we create an individual service account for each third party tool.


This way, should someone leave, the integration doesn't fail due to a surprise inactive API key.


All of our integrations are used with all our clients by design, so I used https://github.com/meraki/automation-scripts/blob/master/manageadmins.py to copy my permissions for each service account. I have full org permissions on the applicable clients.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.