Details
-
Sub-task
-
Resolution: Fixed
-
L3 - Default
-
None
-
Not defined
Description
We need to introduce a permission that gets checked against the IAM token, so that only authentication users with Optimize application permission can actually access Optimize.
This could look something like write::*, as Optimize has no real concept beyond access at the moment. If an authenticated user doesn't have that permission, they should not be allowed to access Optimize