create a wiki page or a README section dumping all the information needed to setup and seed OpenFGA with valid data useable by the Groups and Roles API
use the draft below and enhance/make prettier
fetch MODEL_ID and STORE_ID from openfga server (the one running inside k8s should be perfect, if u have it running on docker fine as well), the following will pick the latest model from the first store (hopefully u dont have any more than that)
STORE_ID=$(fga --api-url http://127.0.0.1:8080 store list | jq '.stores[0].id' -r)
MODEL_ID=$(fga --api-url http://127.0.0.1:8080 model list --store-id $STORE_ID | jq '.authorization_models[0].id' -r)
is what enables to get the full list of roles and groups as an admin user, what u do on the API is to set X-Authorization to a base64 encoded of the string "huw" or , no need for "user:"
shipperizer in ~/shipperizer/identity-platform-admin-ui on IAM-726 ● λ echo -n shipperizer | base64
c2hpcHBlcml6ZXI=
PRIVILEGED_USER=c2hpcHBlcml6ZXI=
http :8000/api/v0/roles X-Authorization:$PRIVILEGED_USER
---
create a wiki page or a README section dumping all the information needed to setup and seed OpenFGA with valid data useable by the Groups and Roles API
use the draft below and enhance/make prettier
fetch
MODEL_ID
andSTORE_ID
from openfga server (the one running inside k8s should be perfect, if u have it running on docker fine as well), the following will pick the latest model from the first store (hopefully u dont have any more than that)populate the model with data
fga --api-url http://127.0.0.1:8080 tuple write --model-id $MODEL_ID --store-id $STORE_ID --file openfga-tuples.yml
where openfga-tuples.yaml is
in terms of API (rudimentary) authorization this
is what enables to get the full list of roles and groups as an admin user, what u do on the API is to set X-Authorization to a base64 encoded of the string "huw" or, no need for "user:"