Ability to disable (but not delete) users
There needs to be a way to deactivate user accounts rather than completing removing. We have users that will no longer have access to the system, but could come back later (for example, trail users). The workarounds are currently: reassigning security groups (means those users are still taking up licenses) writing our own user admin functionality (only makes sense if we are integrating users to another platform) Adding a 'Status' or 'Disabled' flag to the user account would accomplish this.
Support API Key rotation (2+ keys per user)
We want to rotate the API key for our system user but need to make sure there's no downtime. This means we need to have 2 keys working in parallel for the same user for a period of time until we can cycle all of our services to pick up the latest api key. The problem is as soon as the API key is rotated, the old key immediately stopped working. Majority of systems out there support key rotation (like allowing a time delay before the old key expires like FB app, or ability to temporary create a second key and then we can promote it as primary once we are ready). Key rotation is a best practice for security principles.User password expiration
Hi, Many customers are asking about secutiry concerns. One of it is about the feature of set a time when the password expires. For example, if a viewer has set a password expirtation time to 60 days, he needs to change the password into these days. Days before the expiration he will be notified. Thanks
WAT and ACL Security Model - Default to no access
We have found that if an ACL in a WAT does not match the Elasticube table/column security field, it defaults to providing 'all data'. To avoid a potential human error where a table/column has been renamed, we would like the default position to be 'nothing'.
Local Development Environment
Idea: Allow developers to build/test add-ons in a local environment rather than requiring a live environment. Note that this would be for the purpose of creating custom add-ons for additional functionality that would require testing on the "out of the box" Sisense UI. Background/Context: In most development workflows it is common practice to work on your code locally on your machine and deploy to a local server aka "localhost" to test/view your work in the browser. An example of this is building and deploying a local React.js app to your browser. As you make changes to the code it will recompile locally and update what you see on your localhost. If you're using Sisense out of the box however, to test/view any changes to an add-on developers are forced to upload the files in some way to a live Sisense Environment. This not only limits the innovation of add-ons to developers with an active license and live environment, it makes it painfully inefficient to develop customizations on top of the Sisense application. I understand there are likely some business concerns with allowing the use of the product locally but I'd argue that there are ways to prevent that, such as enforcing some default sample data etc., but in such a way that would give developers a "local playground" to develop/innovate on.
Add user or group params as Claim in Web Access Token
It would be very helpful to be able to pass User or Group parameters as Claims in a Web Access Token. This will allow customers to leverage the dynamic features related to User/Group Parameters (e.g. dynamic live query) when using Web Access Tokens.
Data Security Bulk provisioning API
We would like to configure multiple data security rules on a live data source table. With the available APIs there is a constraint to set one rule at a time. Having an API that accepts a collection of multiple rules is desired for our use case since we have more that 18,000 rules to be set.
