Non-admin users not able to access API Key when the EXTENDED_DATA permission is present #1189
Comments
|
This is occurring because the Group has mis-matching permissions. The group needs to match the permissions of the permissions of the service account. If the service account has been given EXTENDED_DATA permissions, the Group has to be as well, you cannot see a service account APi Key that has greater permissions than you yourself do. The solution is to add the "Extended Data" RoleType into the Groups page and allow groups to have this permission. |
|
To add to the above comment, a group will require this permission to be assigned because for example extended data can be anything in the data model - not just features, it can export information about environments, applications, portfolios, people attached, their email addresses, etc which regular group user would not have access to unless they are admin. |
Group users are not able to access their application service account's API Key when the EXTENDED_DATA permission is present. Only org super admins are able to see the keys in this case when it should be available for group users. Conversely, group users can see the API Key just fine when that permission is removed from the service account.
Which area does this issue belong to?
The text was updated successfully, but these errors were encountered: