Skip to content

Ask Auth Service for authorization

Each action should ask the Auth Service for authorization. The actual RBAC implementation for each group of routes will be separate issues. For this issue, only a simple to use dependency should be created which can be injected into FastAPI routes and easily mocked during tests

The request should have the following form

POST http://<auth-sevice>/internal/authz
Content-Type: application/json

{
  "token": "<JWT send by user>",
  "operation": "<operation>",
  "resource": "<resource>"
}

Response

{
  "decision_id": "<decision id>",
  "result": boolean
}
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information