Update "Client Secret" for a LaunchPoint Service

Update "Client Secret" for a LaunchPoint Service

Occasionally, someone departs the company that had access to Client ID and Client Secret values for an API user.

It would be nice to be able to update that API user with a new "Client ID" and "Client Secret" rather than have to delete it -- so that you're certain departed employees don't have access to those values without having to delete the API user and recreate it.

Marketo Employee

What's the benefit of this over deleting an existing record and creating a new client?  The credentials still need to be updated in the third-party service if the secret was changed, and deletion immediately revokes API client credentials.

Hmm... good point. So — yeah — I guess this wouldn't really solve anything.

Is there a smart way to avoid this sort of headache?

Marketo Employee

At this time there's not really a better way.  We are working on providing a means of securely transferring credentials between Marketo and ISVs, which would eliminate the need for an end-user to access and transfer credentials to application providers, but this won't become available this year.  This would mean that users would never have direct access to API credentials, though you will still be able to revoke access thru the same means when we offer this option.

Level 10 - Community Moderator

Not sure what the headache is... delete the Custom service, no?

I mean having a granular relationship between apps and service definitions is advisable. I see people start out granular and then start sharing, and that's a mistake.

Yeah. I think this is the thing. People had direct access, so you worry, when they leave, whether those credentials are out there somewhere.

Good advice.

Community Manager
Status changed to: Open Ideas