Add User Authentication #15

smohiudd opened this issue Jul 4, 2024 · 4 comments
Comments

@smohiudd
Member

smohiudd commented Jul 4, 2024

Description

The UI will need user authentication to allow only certain users to access and edit the STAC catalog.
The VEDA project is implementing veda-auth-central which uses OAuth 2.0 via KeyCloak. A user will need to log in using SSO before editing metadata. Tokens would need to be passed to the STAC API so transactions can be executed.

PI Objective

Objective DS-2: STAC Admin NASA-IMPACT/veda-architecture#454

Acceptance Criteria

  • SSO is integrated into STAC admin so users can authenticate before editing the STAC catalog

@m-mohr

m-mohr commented Dec 15, 2024

I'd like to hear your input on this issue, it also seems relevant for STAC Manager, I assume:
stac-api-extensions/transaction#15

@j08lue j08lue added this to the MVP milestone Feb 25, 2025
@j08lue
Member

j08lue commented Feb 25, 2025

For convenience: These are the endpoint + http method combinations that will require auth:

Image

The same endpoints are probably in many cases open for anonymous GET requests, but other methods require auth.

There will be cases, though, where also other methods and GET requests require auth, for example when some collections are access restricted or the whole STAC API is. If we want to use STAC Manager for these cases, we will need to figure out how to support those cases in terms of auth. TBD.

@j08lue
Member

j08lue commented Mar 4, 2025

@danielfdsilva, looks like we already have all the information about the auth flow we need to implement for EOEPCA, which I expect will be the same thing for VEDA:

EOEPCA/resource-discovery#128 (comment)

So I guess we will need a few things to be configurable in the app, such as the client ID, URL to the login service, etc. Are you able to derive these from the details on the above ticket?

To test things out, we will need to deploy our app in the EOEPCA cluster, as mentioned.

Maybe we can already prepare the app for the auth flow now?

@j08lue
Member

j08lue commented Mar 17, 2025

The goal is to make the app a client for the Authorization Code Flow with PKCE. It will in our projects be used against KeyCloak, but the flow and its logic should be identical between OAuth2 providers.
