Providing Subscription keys - my account or a shared account?
Our University is working with a third party developer who requires the subscription keys for the Payments API. I assume I should provide these under a shared / organisational account, rather than my own account, because if I leave and my account is disabled, then the key will stop working? Or does it not work like this? Thanks!
Comments
-
@John Bird, that's a great question. Since the introduction of multi-factor authentication (MFA) we generally advise against shared accounts. If the 3rd party developer is working on a temporary basis, when at some point the app will be transferred, then it's best to have a developer at the University own the Payments API subscription. That will save you from having to switch the API key in your code later.
The 3rd party developer can be added to your developer team, so that they can assign the app to the team and provide visibility to other developers in your org. However, when apps get transferred to new owners, the API subscription keys don't get transferred.
I hope that helps. Thanks!
2 -
Thanks @Ben Wong. You've actually taken my question to the next level here! I assumed we should provide subscription keys from our own account, but your reply suggests that we should set up a developer account for our third party, and let them get their own subscription keys. Is that correct?
0 -
@John Bird I'm assuming that the 3rd party developer is working on a temporary basis and will transfer the app to you after the project is done and they will no longer be involved. As long as the API subscription key is treated as a sensitive value and can be handled/shared securely, then you can use the org's developer account (e.g. your account) to obtain the subscription and securely provide the keys to the 3rd party dev to use.
If sharing the keys can't be done securely, then the 3rd party dev can use their own subscription key for development and testing, then provide a way for you to switch it out with your own subscription key when the app is transferred over to you.
My suggestion for the 3rd party developer to be added to your developer team is just to give them easier access to the app's API configuration e.g. client id, client secret, set redirect URIs, set API scopes, etc. They can have access to control those settings without having their own API subscription i.e. the API subscription controls the quota/rate limits and access to call certain APIs.
1
Categories
- All Categories
- 6 Blackbaud Community Help
- 212 bbcon®
- 1.4K Blackbaud Altru®
- 399 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 1.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- 15 donorCentrics®
- 360 Blackbaud eTapestry®
- 2.5K Blackbaud Financial Edge NXT®
- 654 Blackbaud Grantmaking™
- 571 Blackbaud Education Management Solutions for Higher Education
- 3.2K Blackbaud Education Management Solutions for K-12 Schools
- 939 Blackbaud Luminate Online® and Blackbaud TeamRaiser®
- 84 JustGiving® from Blackbaud®
- 6.6K Blackbaud Raiser's Edge NXT®
- 3.7K SKY Developer
- 248 ResearchPoint™
- 119 Blackbaud Tuition Management™
- 165 Organizational Best Practices
- 240 Member Lounge (Just for Fun)
- 34 Blackbaud Community Challenges
- 34 PowerUp Challenges
- 3 (Open) PowerUp Challenge: Chat for Blackbaud AI
- 3 (Closed) PowerUp Challenge: Data Health
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Product Update Briefing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports+
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Email Marketing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Gift Management
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Event Management
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Home Page
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Query
- 789 Community News
- 2.9K Jobs Board
- 53 Blackbaud SKY® Reporting Announcements
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)