notes/customer_manager.org
This commit is contained in:
parent
e8d5de3e10
commit
28c69d2073
1 changed files with 1 additions and 10 deletions
|
@ -39,16 +39,7 @@ that will continue to use an older access token from the wrong org/tenant.
|
|||
Idea, give other teams a trusted client.
|
||||
With this client and a user-id the team could get tokens for this user-id.
|
||||
|
||||
The API will provide a new custom route.
|
||||
So teams could be given a unique OAuth2 client that will be /trusted/ by
|
||||
IROH administrators.
|
||||
|
||||
With this client and a user id, the team will get back a couple
|
||||
access/refresh token for their client (limited to their scopes).
|
||||
|
||||
This makes it possible, once a user is authenticated inside IROH-Auth to
|
||||
hand tokens to other teams.
|
||||
One mechanism to handle this situation is the webhook, but we could also use OpenID Connect, etc..
|
||||
This is a probably safer mechanism than webhooks that do not involve any =client-secret=.
|
||||
|
||||
*** org-level credentials
|
||||
|
||||
|
|
Loading…
Reference in a new issue