A read only account should not have access to API tokens
Target version (plugin):
Critical - prevents main use of Rudder | no workaround | data loss | security
Operational - other Techniques | Technique editor | Rudder settings
At least until we heave read-only tokens.
A read_only user can read current tokens and modify them, and gets a full write access to the configuration.
#22 Updated by Vincent MEMBRÉ over 1 year ago
- Status changed from Pending release to Released