Authentication

User auth tokens are not rotated in the last 90 days

Platform(s)
  • Oracle Cloud Infrastructure

Compliance Frameworks

CCPA, CPRA, iso_27001_2022, iso_27002_2022, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, OCI CIS, PDPA, UK Cyber Essentials

Description

An auth token is an Oracle-generated token string that you can use to authenticate with third-party APIs that do not support Oracle Cloud Infrastructure's signature-based authentication. The auth token is associated with the user's Console login. It was detected that user {OciUser.Name} has an auth token that was not rotated in the last 90 days. A user auth token needs to be rotated every 90 days or less in order to decrease the likelihood of accidental exposures and protect your resources against unauthorized access.