Add support of external issued JWTs for client - server communication #539

Open
kirillmakhonin-brt opened this issue Jan 29, 2024 · 1 comment

@kirillmakhonin-brt

Is your feature request related to a problem? Please describe.
In organizations with established authentication infrastructure it would be beneficial to have the ability to use external systems to issue JWT tokens (e.g. GCP's JWT tokens) and configure the server to trust such identities.
It will eliminate the need to manage & maintain a master token and handle all the proper security techniques around it (rotation etc.).

Describe the solution you'd like
Ability to pass a JWKS endpoint (external to OPAL server) and (optionally) the name of a Python module & function that should be used for additional validation of the token (e.g. a specific scope requirement).

Ability to pass the name of a Python module & function / URL / file path (file or callable) to OPAL client that can be used to get a fresh auth token.

Describe alternatives you've considered
Implementing this in a proxy server in front of OPAL server

@orweis
Contributor

orweis commented Jan 29, 2024

Hi @kirillmakhonin-brt :) Thanks for submitting, we will review and consider.
Would you be open to also submitting a PR?
