New extension point for Authz service #4575
Replies: 1 comment 7 replies
-
|
hi @scandinave. what information from the request would you use to make the authz decision, and how? Please read our adoption guidelines in case you haven't. |
Beta Was this translation helpful? Give feedback.
-
|
I understand this. The goal is only to provide an ExtensionPoint with sufficient information to allow implementation like our to handle this case. |
Beta Was this translation helpful? Give feedback.
-
|
nothing is needed from EDC side here: simply implement a |
Beta Was this translation helpful? Give feedback.
-
|
Yes thanks for your time |
Beta Was this translation helpful? Give feedback.
-
|
can I close this discussion as solved then? |
Beta Was this translation helpful? Give feedback.
-
|
Yes please |
Beta Was this translation helpful? Give feedback.
-
Hi,
Currently there is an AuthenticationService extension point to handle authentication on the ManagementAPI. We would like to secure the API with an OAuth2 provider.
The AuthenticationServiceExtension point does not let extension access the whole request and the target endpoint, only the header so it's not possible to make good decision for authorization. We propose to update the AuthenticationService for this use case ou create a new AuthzService extension point that is registered in
ManagementApiConfigurationExtensionafter the AuthenticationExtensionPoint and that can pass the full request to the extension implementation.Is this something that is possible to contribute?
Beta Was this translation helpful? Give feedback.
All reactions