Forum Discussion

Level 2

2 years ago

Solved

API service accounts for Fabric API?

Currently I'm using the API token associated with my personal login to Equinix for the Fabric API. What's the best way to make an API token for a service sharable by a group of people at my company? ...

APIs

Fabric APIs

Marques
2 years ago
nickzxcv Perhaps the safest option would be to use a real team leader's first and last name, use "Fabric Cloud" for the local name. The email address must be a real email address, plus-suffixes are nice. A better choice may be to use a team email address that is independent of individual team members, ultimately delivered to responsible team members. I would not want to build a solution that relies on a workaround that a reasonable and well-meaning service rep or bot would interpret as "delete me".

I would also assume, that as the user and account holder, I would ultimately be responsible for the actions of any system or individual utilizing these credentials and the access delegated to those credentials.

Marques

Equinix Employee

2 years ago

nickzxcv, yes. With that account, login and create an App at https://developer.equinix.com.

This App will provide you with a Client ID and Client Secret which can then be used for OAuth Client Credential token exchanges. These short-lived, refreshable, tokens will have all the rights and privileges of the shared / surrogate account. Store the Client Credentials in a team-shared credential management system (Vault, 1Password, etc).

https://developer.equinix.com/docs?page=/dev-docs/fabric/overview will walk you through the steps to create and use the App and Client Credentials.

nickzxcv

Level 2

2 years ago

Ok, so is this the right way to do it? This kind of shared account user can't have any government ID or legal name in the way it says there.

Then I login to developer.equinix.com with that user and create the API client credentials?

Marques
Equinix Employee
2 years ago
nickzxcv Perhaps the safest option would be to use a real team leader's first and last name, use "Fabric Cloud" for the local name. The email address must be a real email address, plus-suffixes are nice. A better choice may be to use a team email address that is independent of individual team members, ultimately delivered to responsible team members. I would not want to build a solution that relies on a workaround that a reasonable and well-meaning service rep or bot would interpret as "delete me".

I would also assume, that as the user and account holder, I would ultimately be responsible for the actions of any system or individual utilizing these credentials and the access delegated to those credentials.

Featured Places

Discussions
Engage with industry experts, share insights, ask questions, and grow your network.
Ideas
We're listening! Submit your ideas to shape the future of Equinix!
Groups
Ready to collaborate? Join a Group or upcoming beta program.
What's New
Stay ahead with the latest from Equinix. Discover new product announcements, insightful tutorials, and practical use cases.
Events
Your Guide to Upcoming Events - Online, Hybrid, and In-Person!

Forum Discussion

API service accounts for Fabric API?

Related Content

Is Fabric Cloud Router a managed service?

How do I create an account on the Equinix Fabric portal?

How do I connect to another port on my Equinix Fabric account?

Unable to select an account from the menu when creating new Fabric Cross Connect

Account Locked

Recent Discussions

The Data Center is Evolving - Are You?

Digital Plumbing: The Infrastructure Behind Rideshare Apps

The Infrastructure Behind Cat Videos

Optimal by Design: Architecting for Hybrid from Day One in AI and Application Development

Equinix Internet Access - additional IPs

Featured Places

Discussions

Ideas

Groups

What's New

Events

Data Centers

Resources

Company