Happy Business Starts Here

Highlighted
Guru

Tenant setup for lockbox - API or specific user credentials

It was recomended that when the lockbox application is set up for different users to use, that the API username/password is used when creating the tenant.  Could someone refresh me memory of why that was recomended?  Couldn't a current zuora user with permissions to create payments and Credit Balance Adjustments use their own UN/PW to create a tenant to launch the lockbox and process the check payments?

 

We are running into conflict with security, because any Zuora Connect user that is set up with the API tenant's UN/PW could use the Developer Tools which opens up the possibility of someone who doesn't have permissions in core zuora to do certain things, could infact do everything with the Developer Tools via Zuora Connect.

 

Need some guidance.

 

Also, how would I go out removing acess to a tenant that is configured with the API UN/PW for specific Zuora Connect users?  Support ticket?