有没有办法限制Okta令牌授权? [英] Is there a way to limit an Okta token authority?
问题描述
按照以下简化步骤生成Okta令牌:
Following these abbreviated steps to generate an Okta token:
- 登录到您的开发者控制台
- 导航至API>令牌,然后单击创建令牌
- 给令牌命名
效果很好,但是我想将这种令牌的权限限制为仅影响某些应用程序或仅执行某些操作-这可能吗?
works wonderfully, however I'd like to limit the authority of such a token to only affect certain applications or perform only certain operations - is this possible?
推荐答案
API令牌与创建它们的管理员共享相同的权限.
API Tokens share the same rights as the admin that created them.
例如,如果要创建具有只读访问权限的API令牌,则可以按照以下步骤操作:
If you wanted to create an API Token that had read-only access, for instance, you could follow these steps:
- 将只读管理员角色分配给用户(最好是服务帐户)
- 以该用户身份登录
- 照常创建API令牌
该API令牌现在只能用于只读操作.尝试使用该API令牌进行写操作将失败.
That API Token could now only be used for read only operations. An attempt at a write operation with that API Token would fail.
HTH! (完全公开:我为Okta工作)
HTH! (full disclosure: I work for Okta)
这篇关于有没有办法限制Okta令牌授权?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!