This repository was archived by the owner on May 10, 2024. It is now read-only.
Generate scoped JWTs #299
Open
Description
When requesting a token (with a login endpoint) I would like to limit the created token to operate only on selected collections and perform only limited actions.
Reason: There may be a USER who is a SYSTEM/CLUSTER-level user who owns multiple collections for multiple applications in his/her cluster. A Backup Maker Operator could assign credentials dynamically during backup execution, and every ScheduledBackup can get its own scoped JWT that would allow uploading only to its own collection.
In short, with this pattern we could create better isolation at the application level within the same user account.
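
One way a server could mint and enforce the scoped token requested above, as an added example that is not code from this repository. The `scopes` claim layout, the function names, the collection names and the demo key are all assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed value; load the real key from a secret store

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_scoped_token(user, scopes, ttl=900, now=None):
    """Mint an HS256 JWT; scopes maps collection id -> allowed actions (hypothetical layout)."""
    now = int(time.time() if now is None else now)
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64e(json.dumps({"sub": user, "exp": now + ttl, "scopes": scopes}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64e(sig)}"

def is_allowed(token, collection, action, now=None):
    """Deny by default: bad signature, wrong alg, expiry or missing scope all return False."""
    now = int(time.time() if now is None else now)
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        signed = f"{header_b64}.{payload_b64}".encode()
        expected = hmac.new(SECRET, signed, hashlib.sha256).digest()
        # Verify the signature before trusting any field; compare in constant time.
        if not hmac.compare_digest(expected, b64d(sig_b64)):
            return False
        header = json.loads(b64d(header_b64))
        claims = json.loads(b64d(payload_b64))
    except (ValueError, TypeError):
        return False
    # Pin the algorithm server-side instead of honouring whatever the header says.
    if header.get("alg") != "HS256" or claims.get("exp", 0) <= now:
        return False
    scopes = claims.get("scopes")
    if not isinstance(scopes, dict):
        return False  # an unscoped token is not accepted as a scoped one
    allowed = scopes.get(collection, [])
    return isinstance(allowed, list) and action in allowed
```

With this shape, each ScheduledBackup would receive a short-lived token listing only its own collection and the `upload` action, so a leaked token cannot touch the other collections owned by the same user.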