clundin25
commented
7 months ago @BigTailWolf is this PR ready for another round of review?
Closed BigTailWolf closed 7 months ago
clundin25
commented
7 months ago @BigTailWolf is this PR ready for another round of review?
BigTailWolf
commented
7 months ago Hi @clundin25 and @lsirac , I removed the global lookup flow in the refresh. Now we only do supports on injection.
BigTailWolf
commented
7 months ago Hi @clundin25 , I'm going to close this change as I got an update on the change from backend on their design.
We are going to implement support for service account credentials trust boundary via a cache value.
Usage of the Value
Whenever we apply a credentials to a request header, after we apply the authorization header with access_token, we are going to check the trust boundary value. If the trust boundary value is not
None, we apply a headerx-allowed-locationswith the trust boundary value.Update of the Value
There are two ways we can do the update of the value:
Injection: Provide a direct setter/getter to the trust boundary value.
Trust boundary lookup: We are not going to include in this change since the global lookup endpoint is not launched yet.