[RFE] Default credentials #211
Description
What is the problem?
Credentials need to be manually assigned to applications once they are created/imported.
Why is this a problem?
In a common enterprise scenario, application repositories are secured. That means that in a large application import, considering that credentials can't be included in the CSV file, the first discovery operation will fail until the user manually associates credentials with each application. This introduces a manual step in a process that should be as automated as possible to tackle large application portfolios effectively and start surfacing information as early as possible.
A different scenario that makes this more of a problem would be related to application discovery, as it would be important to automate the insights collection as much as possible as soon as applications are discovered if the source platform contained information about the application repository.
Proposed solution
Allow Administrators to define default credentials that will be automatically associated to all applications, including all newly created ones. This should follow some rules:
- There can only be one default credential per credential type.
- Once a credential is set as default, it will be implicitly associated to all applications that don't have a credential of that type explicitly associated.
- UI should be explicit about default credentials being used by an application.
This could add more automation on the import and insights surfacing process by enabling a flow like the following:
- Applications are imported or created.
- Default credentials are associated to newly created applications.
- Language and technology discovery are executed.
- Based on the technology stack, applications are automatically associated to archetypes.