Deactivate non-personal admin account in Red Hat 3scale API Management

Solution Verified - Updated -

Issue

  • During security scanning of the Red Hat 3scale API Management software, one finding was that a non-personal admin account exists in the Admin Portal (the default tenant admin user).
  • When someone uses this account, the user actions are not tied to a person, so the traceability of changes isn't ensured.
  • Personal admin accounts should be used and the 3scale admin default user should be deactivated.

Is this possible and what are the steps?

Environment

  • Red Hat 3scale API Management
    • 2.11.0 On-Premise
