Dashboard certification and authorization

[GreenShadeZhang]

Is it possible to add openid connect and oauth2 configurations to the dashboard, so that we can limit the permissions of people who log in to the dashboard? I don’t know if the official has any ideas, because I see that many open source projects will provide such functions.

[mitchdenny]

Currently the dashboard only runs locally and binds to localhost so only users on the local machine should be able to access it. Are you seeing something else?

[GreenShadeZhang]

Currently the dashboard only runs locally and binds to localhost so only users on the local machine should be able to access it. Are you seeing something else?

I want to know whether the final dashboard can be released to the production environment along with the project. If it will be released to the production environment, I think the authentication and authorization of the dashboard are needed. If it is only run in the local development stage, then my suggestion does not make much sense. , I hope you can evaluate it.

[mitchdenny]

At this point in time the dashboard is only intended for local use. In the future this may change and we'll evaluate appropriate authentication and authorization mechanisms at that point in time. I'll leave this issue open on the backlog.

[leslierichardson95]

TODO: investigate other issues about auth

[kvenkatrajan]

Addressed with #3033

[KalleOlaviNiemitalo]

Is there documentation on how to configure trusted CA certificates for client certificate authentication on the OTLP endpoint? The Kestrel endpoint configuration links to Configure certificate authentication in ASP.NET Core, which mentions CustomTrustStore, but I don't understand how the X509Certificate2Collection is bound to configuration.