Replies: 5 comments
-
|
@aamuz Thanks for your interest in the project! Unfortunately you haven't missed anything simple! There is no claims based authorisation on the administration API at the moment. I take a lean approach to development so until someone asks for a feature I normally won't add it! So I agree this is required and will add it to the backlog. I think something like this should allow us to implement something dynamic so users to implement their own authorisation policies for the administration endpoint. This is on the backlog but i have lots to do at the moment and am struggling just to keep up with questions and bugs with my spare time but I will get round to it eventually. If you have time to give it a go yourself I welcome PRs and am happy to support with design ideas etc! |
Beta Was this translation helpful? Give feedback.
-
|
@TomPallister understood. I will look into the code and will definitely try to see if I can add this enhancement and send you a PR. I, however, would definitely need some ideas from you. |
Beta Was this translation helpful? Give feedback.
-
|
@aamuz thats OK let me know when / if you need support! |
Beta Was this translation helpful? Give feedback.
-
|
@TomPallister @aamuz |
Beta Was this translation helpful? Give feedback.
-
|
@aamuz |
Beta Was this translation helpful? Give feedback.
-
[Question] Authorization with external IdentityServer
When Ocelot is used with and external IdentityServer, everything is awesome and works like expected. However, what i haven't figured out from the documentation is where can I set the authorization for the administration/configuration endpoint so that users with, lets say, admin claim only can access it.
Right now all identities that passes the authentication has access to that endpoint, means they can change the reroute config. I must have missing something simple.
Beta Was this translation helpful? Give feedback.
All reactions