Details
-
Task
-
Resolution: Unresolved
-
L3 - Default
-
None
-
None
-
None
-
Not defined
Description
In SaaS, Optimize presents a list of digest recipients by fetching users from the accounts service. To do this, it uses a service token that it can find from the Spring framework. This is not a sufficient method, as the token most likely just belongs to the most recent user, and not necessarily someone who has or will always have permission to fetch the owner. We even see some errors in the logs because of this.
As part of https://github.com/camunda/product-hub/issues/1778, Optimize will be able to use an m2m token to do this instead, making user fetching much more robust. Optimize need to refactor this to make use of such token, probably in a similar way to how integration with the notification service works.