Closed mjf-89 closed 8 months ago
This already exists here: https://min.io/docs/minio/linux/administration/identity-access-management/pluggable-authentication.html.
@djwfyi the page you linked is related to the authentication plugin that is configured with the env variables:
MINIO_IDENTITY_PLUGIN_URL MINIO_IDENTITY_PLUGIN_ROLE_POLICY MINIO_IDENTITY_PLUGIN_TOKEN MINIO_IDENTITY_PLUGIN_ROLE_ID MINIO_IDENTITY_PLUGIN_COMMENT
However as far as I understand it doesn't cover the authorization plugin. Such plugin was mentioned at least in a couple of issues I stumbled upon (see for example here). I can see the config implemented in internal/config/policy/plugin/config.go so I know that it should be configured using the following env variables:
MINIO_POLICY_PLUGIN_URL MINIO_POLICY_PLUGIN_AUTH_TOKEN MINIO_POLICY_PLUGIN_ENABLE_HTTP2
However I was not able to find proper docs describing its behavior. Am I missing something obvious?
@donatello I'm trying to remember some context here - I'm wondering if we were leaving this undocumented in the webdocs to let the feature set and develop a bit further. Ring any bells, or are we OK to pull it in for more eyes?
While the authentication plugin is well-documented here, it seems that proper documentation for the authorization plugin is missing.
The suggestion would be to add a documentation page to cover both the configuration of the plugin and the authorization flow.