You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think we have a decent implementation thanks to @alukach and @edkeeble of handling OAuth2, and then connecting to an authorization system to implement some authorization rules.
I'd love to see if this could be added to the eoapi-k8s setup and maybe we figure out some basic configurability that's possible via supplying some values. So maybe to start with, something like:
add an enable_authentication option in values that users can set to true
this some-how enables the authentication and authorization bits in the FastAPI app (I'm a bit fuzzy about how exactly we implement this)
to start with, provide simple default presets for authorization schemes:
Everyone can read, people in an admins group can write
No public read access. People in group members can read, admins can write
We can document how you could write code to implement more complex auth scenarios, but this would allow us to have authentication and authorization out-of-the-box with an eoapi-k8s install.
@ranchodeluxe does this sound reasonable? Would you have the time / interest to try and help?
For CDK and K8s what are the auth workflows we can use to wrap the transaction API for ingestion
AC:
The text was updated successfully, but these errors were encountered: