AnsweredAssumed Answered

SSO for "service account" with non-expiring password?

Question asked by EricNash Employee on Oct 25, 2015
Latest reply on Feb 6, 2016 by EricNash
We have some Rally accounts that we use as "service accounts" for the generation of API keys and we're about to implement Ping SSO (SSO only- with exceptions). We hope to create domain accounts with non-expiring passwords to use for our service accounts in order to make the API keys and account credentials durable without manual password changes. The plan would be:
  1. Create a domain account like DOMAIN\rallyservice with a non-expiring password
  2. Create a Rally account for the domain account like rallyservice@domain.com
  3. Use that Rally account (not on the SSO exceptions list) to create an API key
  4. Use that API key indefinitely without password change.
Is there any special warning or caution that we should be aware of? Thanks in advance!

Outcomes