semi temp solution that decodes and verify the id token of the logged in user to store the oid and sub props from the jwt token in the database when logging messages/conversation.
This is the first phase. The next iteration should aim to:
properly setup/modifiy an app registrsation with proper API scopes for our API
remove the API dual validation of flask_httpauth to migrate from reading from two headers down to just the Authorization Bearer token.
frontend would have the user request for a access token that would contain the proper scope(s) for the API
setup necessary TF configuration for dev domain (along with everything so far) so we can replicate on "prod'
semi temp solution that decodes and verify the
id tokenof the logged in user to store theoidandsubprops from the jwt token in the database when logging messages/conversation.This is the first phase. The next iteration should aim to:
flask_httpauthto migrate from reading from two headers down to just theAuthorization Bearertoken.