Better way to authenticate API

Hello, we're building an integration with Metabase and I wonder if there is a better way to authenticate API to API communication.
The only way for now seems to be:

  • User shares username & password with our API
  • We generate session token (expiration 14 days)
  • If token expires we need to keep track of the username/password

Storing the user's username & password is something we're not comfortable with. Is there a better way or any plan to support an api key/secret in the future?

Thanks in advance

you need We should support an alternative API authentication mechanism · Issue #2699 · metabase/metabase · GitHub

Thank Luiggi, I saw it yesterday, but It's been 7 years since then. It would be nice to hear if there are plans to actually implement it

Coming very soon