Closed BigTailWolf closed 7 months ago
@BigTailWolf is this PR ready for another round of review?
Hi @clundin25 and @lsirac , I removed the global lookup flow in the refresh. Now we only do supports on injection.
Hi @clundin25 , I'm going to close this change as I got an update on the change from backend on their design.
We are going to implement support for service account credentials trust boundary via a cache value.
Usage of the Value
Whenever we apply a credentials to a request header, after we apply the authorization header with access_token, we are going to check the trust boundary value. If the trust boundary value is not
None
, we apply a headerx-allowed-locations
with the trust boundary value.Update of the Value
There are two ways we can do the update of the value:
Injection: Provide a direct setter/getter to the trust boundary value.
Trust boundary lookup: We are not going to include in this change since the global lookup endpoint is not launched yet.