Add functionality to revoke all credentials
dnephin opened this issue · 1 comments
When a user suspects they have been compromised it is expected that they revoke all of their credentials and create new ones.
Today they would need to:
- delete each individual Infra access key
- delete each individual SSH key (not yet possible)
- (in the future) delete each individual destination credentials
Since this is an important security practice, we could provide a single API endpoint that allows someone to revoke all of their credentials. It could also allow an admin to revoke the credentials for someone else in their organization.
Another option would be to do this on the client side (in the UI and/or CLI), but doing it server side seems easier (way fewer requests) and better for third-party integration.
Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.