Best practice for integrated app and users
So I'm building an integration that watches a few folders and based on certain triggers moves some files around.
I seem to be able to take actions in 2 different ways:
1) As the app's service account
2) As a service account user created by the app
I might be mistaken, but seems like option 2 is what everyone is doing. Is there any reason not to just go with the much simpler option 1? What's the best practice in this situation and what should I be taking into consideration.
Security IS a major factor. The app only has rights to WRITE to the places it's moving files as a security precaution, but it looks like whatever security measures I can take with app an app user I can also take with the service account for the app.
What am I missing?
Please sign in to leave a comment.
Comments
0 comments