API key should not be associated with a user account there should be system keys admin controlled

No need to create a new Idea for this - please upvote and comment here instead:

The other request is for fresdesk. Not sure if dev’s would prioritize for freshservice.. Adding my votes for both.

I have 3 big integration requests in our organization, and expecting more -some handled internally and  some by consultants (excluding marketplace app integration). The challenges below aren’t new, but they continue to raise concerns for regular use:

• API keys should not be tied to individual users and it should instead be system‑ or admin‑controlled. This offer more flexsiblity and control.
• Each integration or each API key should have scoped access
• API activity should be visible in logs under the system or integration name, not a user.
• Reusing a single API key across integrations is risky — if one is compromised, all integrations are impacted.
• While the API itself may be technically secure (with improvements implemented over the past few years), the current usage and management model for Admin and user to benifit is not secure and is prone to risk.
• It also doesn’t seem reasonable to require an extra agent license just to create and manage a single API keys, especially when no agent work is involved and multiple integrations need to be built.
• Also, would benifit if we can see when a API was last used and how many time it was used.

Addressing this would greatly improve security and manageability for integrations.
Needed across for both #freshdesk #freshservice