m4wh6k
commented
1 year ago This was fixed by #17, although implemented differently than described above.
There's more work needed to be done to expand on this, see #18 and #19
Closed m4wh6k closed 1 year ago
m4wh6k
commented
1 year ago This was fixed by #17, although implemented differently than described above.
There's more work needed to be done to expand on this, see #18 and #19
Currently, the boardwalkd server has at least one built-in UI authentication method (Google Oauth2) available. There isn't yet any API authentication method available, and we should have one.
My current thinking is that there should be an "API Keys" management page in the UI, where users can create and delete API keys that can be used to authenticate to the API from boardwalk CLI workers. There should be a way to name API keys and see when they were last used.
The boardwalk CLI will need to be updated to support supplying an API key as well.
Authorization is out of scope for now. Currently being authenticated to the boardwalkd server simply provides full access, and this will still be true for this initial API authentication scheme.