We are now leveraging OpenID for the frontend and also want to leverage it for the backend (and future connections with other systems, i.e. Archibus).
The semi-temporary solution decodes and verifies the ID token of the logged-in user to store the oid and sub props from the JWT in the database when logging messages/conversations.
We now should aim to:
properly set up/modify an app registration with proper API scopes for our API
remove the API dual validation of flask_httpauth to migrate from reading from two headers down to just the Authorization Bearer token.
the frontend would have the user request an access token that contains the proper scope(s) for the API
set up the necessary TF configuration for the dev domain (along with everything so far) so we can replicate it on "prod"
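A sketch of the API-side check once only the Authorization Bearer header is read, added here as an example and not taken from the project's code. It assumes the scopes arrive in a space-separated `scp` claim; `API_AUDIENCE`, `REQUIRED_SCOPE` and `DEMO_KEY` are placeholders, and HS256 with a constructed key stands in for verification against the identity provider's published signing keys, which a real deployment would do with a JWT library.

```python
import base64, hashlib, hmac, json, time

API_AUDIENCE = "api://example-api"  # assumed Application ID URI (placeholder)
REQUIRED_SCOPE = "Chat.ReadWrite"   # assumed scope name (placeholder)
DEMO_KEY = b"constructed-demo-key"  # stand-in for the identity provider's signing key


class AuthError(Exception):
    """Raised when the request must be rejected with 401/403."""


def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_token(claims, key=DEMO_KEY):
    """Build a constructed HS256 token for the demo (the IdP does this in reality)."""
    signed = _b64e(b'{"alg":"HS256","typ":"JWT"}') + "." + _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, signed.encode(), hashlib.sha256).digest()
    return signed + "." + _b64e(sig)


def authorize(headers, now=None):
    """Validate the single Authorization header; return the identity to log."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise AuthError("missing or malformed bearer token")
    signed, _, sig = token.rpartition(".")
    expected = hmac.new(DEMO_KEY, signed.encode(), hashlib.sha256).digest()
    try:
        sig_ok = hmac.compare_digest(_b64d(sig), expected)
        header, claims = (json.loads(_b64d(p)) for p in signed.split("."))
    except ValueError:
        raise AuthError("undecodable token") from None
    # Pin the algorithm server-side; never trust the token's own "alg" choice.
    if not sig_ok or header.get("alg") != "HS256":
        raise AuthError("bad signature")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise AuthError("token expired")
    # An ID token carries the frontend's client id as aud, so it fails here.
    if claims.get("aud") != API_AUDIENCE:
        raise AuthError("token not issued for this API")
    if REQUIRED_SCOPE not in claims.get("scp", "").split():
        raise AuthError("required scope missing")
    return {"oid": claims.get("oid"), "sub": claims.get("sub")}
```

The audience check is what separates the new flow from the semi-temporary one: an ID token minted for the frontend verifies cryptographically but is still refused by the API.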