darrenjrobinson / powershell_module_identitynow

SailPoint IdentityNow PowerShell Module
https://blog.darrenjrobinson.com/sailpoint-identitynow/
MIT License
47 stars 15 forks source link

Deprecation Notice: Password Grant Type #39

Closed 410sean closed 3 years ago

410sean commented 3 years ago

may need to introduce a warning for those relying on password grant type to say it will stop working August 2021. reviewing the code we try 1) refresh token - if expired it falls back to grant type password 2) PAT - grant type client_credentials 3) grant_type = password - should include a warning

so PAT should be first i believe with all others producing a warning.

here is the communication from SailPoint

As previously communicated (link), the PASSWORD grant type has been deprecated in favor of Personal Access Tokens. In order to provide increased security for integrations with IdentityNow, all instances will need to move to Personal Access Tokens. As of Monday, May 31st, new clients can no longer be created with the PASSWORD grant type. Older APIs will still function, but will also be deprecated, and will end-of-life in August, 2021. For more information on Personal Access Tokens, see Generating Personal Access Tokens. Please update any existing applications or API clients to use Personal Access Tokens before the PASSWORD grant type is deprecated and no longer supported within your tenant.

darrenjrobinson commented 3 years ago

Updates made for v1.1.4 which will be released shortly with the merge of the following PR. https://github.com/darrenjrobinson/powershell_module_identitynow/pull/38