Add Scopes to Infra Tokens for Authorization #254
Assignees
Labels
area/api
Issue or PR related to the Infra API.
Comments
Closed
|
This will also modify the default API key to only allow for adding destinations and querying the roles endpoint. |
Merged
BruceMacD
added a commit
that referenced
this issue
Oct 6, 2021
* add authz permissions - Remove api-token commands from the CLI - Generate a root API token on registry install - Rename "defaultApiKey" to "engineApiKey" - Add Infra permissions to OpenAPI spec - Check API token permissions on use - Scope engine connection key to only destination registration and listing roles - Add permissions to API key creation request and list response - Add API key documentation - Make docs
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When a token is issued to a user or a service (API token) it should be assigned scopes to control which API endpoints it is authorized to access.
https://swagger.io/docs/specification/authentication/
The text was updated successfully, but these errors were encountered: