Create Tokens Without Identities

[JessePeden]

Summary of the new feature / enhancement

I would really like a way to create a token (for use with an API), without having to create a user (identity). The API is being restricted to a specific role, which the token will be a member of, and the user/identity is unused (other than having to be referenced by the token).

Having to create all of these identities that will never be used (and, in fact, CAN’T be used due to them not even having a password - at least with how I have been doing it) - simply to create a token for use with accessing an API (endpoint), is messy, takes up more space in the database, and it should not be necessary.

Proposed technical implementation details (optional)

No response

[adamdriscoll]

This issue has been mentioned on Ironman Software Forums. There might be relevant details there:

https://forums.ironmansoftware.com/t/create-token-without-user/10354/4

[RockoTheeHut]

We would make heavy use of this as well..

[JessePeden]

We would make heavy use of this as well..

Sweet. Glad I'm not the only one.

[mikedhanson]

I second this as well.

[eizedev]

we really need this, too!

[RockoTheeHut]

A use case for this in our case is infrastructure. We want to assign a token to each server that it uses to report back to PSU for its lifecycle. Very limited in what it can do, a restrictive role. We want to generate a token at build time. Yes, we can create a local identity and create many tokens against that one identity. That works, but to security it is misleading. Having a type of system identity/ token would better represent what the token actually is used for.

So In our case, it would be nice to have something like an option to say this is a “system id “ when creating a token that would then allow us to set an “identity” name at the same time. So if we are generating a token for a server we can set the identity name as the server name. Viewing tokens would indicate that it is a “system” token.

[ksl28]

Would be awesome!