Loading...

XML

Word

Printable

Details

Type: Feature Request
Resolution: Fixed
Priority: L3 - Default
Fix Version/s: 3.8.0
Affects Version/s: None
Component/s: backend
Labels:
None

Effort:
Not defined
Epic Link:
Cloud Feature Parity

Description

Problem Definition

User Story

As a user
I want authenticate API calls with a JWT Token
So that the scope of the token is also used to validate it

Use Cases

PM Notes (Customer requests, context, assumptions)

Solution Definition

Solution Ideas

Implement the audience validation for CCSM and Platform mode analogous to SaaS mode. This involves migrating the settings to the correct place in service-config.yaml as well

Instructions for testing:

Generate a Jwt Token with an optimize Audience
Start Optimize in Platform/CCSM Mode and provide that audience name with the environment variable CAMUNDA_OPTIMIZE_AUDIENCE or with the configuration$.api.audience
Perform a public API request with that token and check that authentication was successful
Start Optimize in Platform/CCSM mode and provide a fake audience name with the environment variable CAMUNDA_OPTIMIZE_AUDIENCE or with the configuration$.api.audience
Perform a public API request with that token and check that authentication failed

mgm-controller-panel

This is the controller panel for Smart Panels app

Attachments

Issue Links

is related to

OPT-5764 Enable existing API functionality in Camunda Cloud

Done

Activity

People

Assignee:: Unassigned

Reporter:: Giuliano Rodrigues Lima

DRI:: Giuliano Rodrigues Lima

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Apr/22 10:50 AM

Updated:: 11/Apr/22 12:20 PM

Resolved:: 08/Apr/22 1:50 PM

Add scope to the JWT Validation in Platform and CCSM mode