Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API Security: enable authentication for (internal) REST APIs #839

Closed
Tracked by #4031
paullatzelsperger opened this issue Mar 7, 2022 · 1 comment · Fixed by #4197
Closed
Tracked by #4031

API Security: enable authentication for (internal) REST APIs #839

paullatzelsperger opened this issue Mar 7, 2022 · 1 comment · Fixed by #4197
Assignees
@ndr-brt @paullatzelsperger
Labels
api Feature related to the (REST) api core feature enhancement New feature or request
Milestone
Milestone 16

Comments

@paullatzelsperger
Copy link
Member

paullatzelsperger commented Mar 7, 2022
edited
Loading

All (internal) REST APIs, i.e. the DataMgmt API, the DataPlane API, ControlPlane API(?), should implement a consistent (possibly shared) use of tokens with regards to creation, refreshing, revoking.

Each API should have its own Jetty Context, but they should use the same AuthenticationService. Currently there is only the TokenBasedAuthenticationService, which may need to get adapted.

Currently, only the control-API is unsecured, so we need to make sure that users have a way to supply an AuthenticationService for it.
@paullatzelsperger paullatzelsperger added enhancement New feature or request core feature api Feature related to the (REST) api labels Mar 7, 2022
@paullatzelsperger paullatzelsperger added this to the Milestone 3 milestone Mar 7, 2022
@paullatzelsperger paullatzelsperger self-assigned this Mar 7, 2022
@mspiekermann mspiekermann modified the milestones: Milestone 3, Milestone 4 Apr 8, 2022
@juliapampus juliapampus modified the milestones: Milestone 4, Milestone 5 Jun 1, 2022
@juliapampus juliapampus modified the milestones: Milestone 5, Backlog Jul 18, 2022
@github-actions
Copy link

This issue is stale because it has been open for 28 days with no activity.

@github-actions github-actions bot added the stale Open for x days with no activity label Jun 24, 2023
@juliapampus juliapampus removed the stale Open for x days with no activity label Jun 26, 2023
@paullatzelsperger paullatzelsperger changed the title API Security: create pattern for token handling for (internal) REST APIs API Security: enable authentication for (internal) REST APIs Aug 2, 2023
This was referenced Aug 2, 2023
Closed
Closed
@ndr-brt ndr-brt mentioned this issue May 2, 2024
Closed
13 tasks
@ndr-brt ndr-brt self-assigned this May 17, 2024
@ndr-brt ndr-brt modified the milestones: Backlog, Milestone 16 May 17, 2024
@ndr-brt ndr-brt mentioned this issue May 20, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ndr-brt ndr-brt

@paullatzelsperger paullatzelsperger

Labels
api Feature related to the (REST) api core feature enhancement New feature or request
Projects
None yet
Milestone
Milestone 16
Development

Successfully merging a pull request may close this issue.

feat(api): enable authentication for control-api Think-iT-Labs/edc-connector
4 participants
@ndr-brt @paullatzelsperger @juliapampus @mspiekermann