Skip to content
This repository was archived by the owner on May 10, 2024. It is now read-only.
This repository was archived by the owner on May 10, 2024. It is now read-only.

Generate scoped JWTs #299

Open
Open
@blackandred

Description

@blackandred

When requesting a token (with an login endpoint) I would like to limit created token to operate only on selected collections and perform only limited actions.

Reason: There may be a USER who is a SYSTEM/CLUSTER-level user that is owning multiple collections for multiple applications in his/her cluster. A Backup Maker Operator could assign credentials dynamically during backup execution, and every ScheduledBackup can get its own scoped JWT that would allow to upload only to its own collection

In short words with this pattern we could allow to create a better isolation on application level in same user account.

Metadata

Metadata

Assignees

Type

No type

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions