feat: Enable Zitadel Integration for API Authentication #4147
Conversation
| let zitadelClient: ManagementServiceClient | null = null; | ||
|
|
||
| const getZitadelSettings = async () => { | ||
| if (!process.env.ZITADEL_PROVIDER) throw new Error("No value set for Zitadel Provider"); |
There was a problem hiding this comment.
You can find this value and the one below in 1Password. These need to be injected into the Terraform code. Bryan used the Forms settings to store the values encrypted. Not sure what was the reason.
| }; | ||
|
|
||
| const _refreshKey = async (templateId: string) => { | ||
| const key = await refreshKey(templateId); |
There was a problem hiding this comment.
Do we plan on adding error handling in a future iteration? I noticed the lib code can throw various type of errors at the moment.
| <CircleCheckIcon className="mr-2 inline-block w-9 fill-green-700" /> | ||
| {t("settings.api.keyExists")} | ||
| </div> | ||
| <Button theme="primary" className="mr-4" onClick={() => deleteKey(id)}> |
There was a problem hiding this comment.
The deleteKey function is async and can also throw errors. Not a big deal but it would be good to let the user know whether the key was successfully deleted or not.
I'd like to see a happy path working in staging, and then we can focus on stabilizing the code. What do you think? |
Sounds good to me! As long as we do not forget about it :) |
Summary | Résumé
Most of the work was ported from Bryan's original PR #3908. The only change made was in the management of Zitadel's admin key.
Flow
Screen.Recording.2024-08-06.at.8.52.55.PM.mov
Machine Service Accounts
1 Form = 1 Account
Test instructions | Instructions pour tester la modification
Unresolved questions / Out of scope | Questions non résolues ou hors sujet
TBD
Pull Request Checklist
Please complete the following items in the checklist before you request a review: