Closed barronstone closed 3 weeks ago
Developers can currently query Supabase to get a short-lived session token, so this issue is no longer needed. We will implement the ability to generate long-lived keys via the API with issue https://github.com/defenseunicorns/leapfrogai/issues/561
User Story
As a Third-Party application using LeapfrogAI's API I want to receive a session authentication token via the API So that I can securely access LeapfrogAI via the API.
Acceptance Criteria
Given I make an authenticated call to the LeapfrogAI API to create a session auth token. When I use the auth token to make calls to the API. Then authentication and RLS works as it does when I use a Supabase JWT access token.
Describe alternatives you've considered
There is another open issue for Long Lived API Keys. We need to decide if it makes sense to implement session authentication, long-lived keys, or both.
Additional context
Add any other context or screenshots about the feature request here.