API Keys to be submitted through Cortex for Analyzers #7
Comments
|
Cortex 2.x provides Organizations and accounts dedicated configuration.thus, this allows different groups to specify their API keys. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
API Keys to be submitted through Cortex for Analyzers
Request Type
Feature Request
Work Environment
NA
Problem Description
For some systems, having one key for all users doesn't match the terms of service of the endpoint APIs. Thus, it would be nice to have users in say thehive have the ability to specify keys for specific endpoints (Say Passive DNS or Virustotal) in their accounts, and when they request analyzer action, those keys are passed to the cortex, which then uses those keys as the key to the backend.
This would allow better usage tracking. There could be "Default" keys if a user doesn't specify a key to say virus total, it would use the shared key. But if we do that, we should get the ability to enforce per user limits on shared keys for specific services. This would force almost all requests coming from the thehive to cortext to include a user identifier.
The text was updated successfully, but these errors were encountered: