Re: API user

Elana_Shama · ‎04-17-2018

Hi,

I am trying to edit an API user, but there is no editing option.

Can I delete the user, or will that cause problems with the API connection of Marketo and my website?

Does anyone have an idea how I can block this user's access to Marketo? It's very important.

Thank you

SanfordWhiteman · ‎04-17-2018

will that cause problems with the API connection of Marketo and my website?

Aren't you trying to cause problems with the connection?

If you delete the service from Admin » Integration » LaunchPoint » Installed Services that will disconnect them.

Elana_Shama · ‎04-17-2018

The connection is under a former service provider's email, which is why I'm trying to disable the user.

So you're saying that I can safely delete the user?

SanfordWhiteman · ‎04-17-2018

If you want to revoke access, do as I said above.

Changing the underlying impersonated user will not revoke access to the service, because the service will just impersonate another user the next time they authenticate using the client_id and client_secret.

Although changing the user may drastically change the permissions of the service -- and you can effectively reduce the service's ability to do anything with your database this way -- if you can afford to remove permissions like this you can likely afford to remove the service entirely.

Elana_Shama · ‎04-17-2018

Thank you.

Elana_Shama · ‎04-17-2018

I did as you said, but it seems like the API connection is no longer working.

I thought you said it won't cause any problems?

SanfordWhiteman · ‎04-17-2018

I said if a malicious/untrusted actor has a set of API credentials, the only way to revoke their access is to delete the service.

You can't just switch the underlying account. That's like, if you know somebody stole your computer username and password, merely changing your screen saver!