Pipelines owned by disabled user
We have ~50 pipelines under a user's account. That user is leaving the company and their account will be disabled. The question is, how will this impact the pipelines? They are set up to be authenti...
Forum Discussion
ohhhh, I feel your pain,
Here is a great article to get started.
https://community.quickbase.com/blogs/bree-mackey1/2022/05/04/service-accounts-and-you
Chuck
------------------------------
v/r,
Chuck
------------------------------
The Pipelines should continue to run with no issue so long as the usertoken that they're set with is not tied to that person. If its actually tied to the user that is leaving / it's their personal usertoken then their denial from the realm will kill the token.
I don't believe that Pipelines shut down when a user is Denied, so there should be no immediate concern. Assuming you are a Realm Admin you can still access them using the 'Switch To User' feature of Pipelines - the only difficulty with that is the logs aren't fully accessible - so you will only see the execution of each step but if you needed the actual response data or why something failed for example then you would need to actually log in as the Pipelines owner.
Your best case similar to Chuck's comment is to move them all under a service account instead of a singular user.
------------------------------
Chayce Duncan
------------------------------
- MarkShnier__You
Qrew Legend
I am pretty sure that if the user who is associated with the user token is put on the deny list, then the pipeline will instantly fail.
I am pretty sure that if the user who is associated with the user token is put on the deny list, then the pipeline will instantly fail.
I agree with the suggestion to use a service account. You can simply take that user ID associated with the account and you can change the name on it and change the email address associated with it and it will be your service account. One day in the future we hope for better ability to share and transfer pipelines but until then probably the best solution is to use the service account.
------------------------------
Mark Shnier (Your Quickbase Coach)
mark.shnier@gmail.com
------------------------------To clarify one of my points after reading Marks response also - yes, if the user in question used their own usertoken then all of your pipelines will fail. IF they setup the pipelines under their account BUT they used a shared email / service account token for authentication then they will continue to work if the person is denied.
------------------------------
Chayce Duncan
------------------------------"You can simply take that user ID associated with the account and you can change the name on it and change the email address associated with it and it will be your service account."
One note: if you go this route, make certain to make the email address a forwarder to anyone who should receive error emails or login code emails (if you have 2FA enabled).
In order for a Builder to login to a service account the builder must be able to receive the verification code email. We have a mailbox shared with the team. When we build a new Pipeline, we go incognito mode and login as the service account.
------------------------------
Jim Harrison
transparency = knowledge + understanding : The Scrum Dudes
------------------------------
