Closed aabedraba closed 1 year ago
Need to update the docs to let users know that the secret needs to be created before attempting to apply the API.
Waiting on Envoy PR to be merged. In case next week it's not merged, we implement this without using SDS.
https://docs.solo.io/gloo-mesh-enterprise/1.2.x/guides/gateway/auth/extauth/oauth/
Slightly adjusted from above:
credentials:
client_id: "client_id"
client_secret_ref:
name: my-oauth-secret-for-some-api
namespace: oauth-secrets
or
credentials:
client_id: "client_id"
client_secret: "inline_client_secret"
adding the first won't break anything basically.
Our users don't want to add sensitive information to their OpenAPI definition as they want to track the definition on a version control system.
They asked to be able to reference a Kubernetes Secret for this.
Could we extend the fields that we have now to support it?
Currently we support putting it directly on the OpenAPI definition like this:
We want to make it something like this (to discuss how to name it and the fields it needs):