Open ecordell opened 1 year ago
I wonder if we should make the error code configurable. Depending on the context returning a 403 would be leaking resources vs 404. If a cloud user hits /org/authzed via the UI, they would discover organizations that exist.
_Originally posted by @vroldanbet in https://github.com/authzed/spicedb-kubeapi-proxy/pull/32#discussion_r1335872101_
I wonder if we should make the error code configurable. Depending on the context returning a 403 would be leaking resources vs 404. If a cloud user hits /org/authzed via the UI, they would discover organizations that exist.
_Originally posted by @vroldanbet in https://github.com/authzed/spicedb-kubeapi-proxy/pull/32#discussion_r1335872101_