Hello
I'm curious how others manage their API Key expiration dates? I'm not referring to Rapid7 Platform keys (User / Organization) that do not expire, but rather external connection API keys like Jira, Gitlab, etc. Not all external tooling have API key expiry reminders unfortunately.
Do you use an simple calendar with API key names and expiry dates or something more sophisticated?
Was thinking wouldn't it be nice if the connection itself had an "expires on" field that could be monitored and tracked within Rapid7 and even appear as column on the connections tab within InsightConnect -> Settings -> Plugins & Tools -> Connections ? This way at a glance you could see that an API key is about to expire, rotate it, update the connection (including the date) and avoid downtime.
My workaround for now is in the naming convention for the connection: "Prod/Dev - Plugin - version - expiry YYYYMMDD" if it contains an expiring API key and I also add the expiry to the credential name as well so I know when it's updated.
(PS - I've submitted this a product feedback for improvement)
thanks
Marco
