Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create usage logs (invocations) for all entities with secrets #72

Closed
mike-marcacci opened this issue Jan 1, 2020 · 0 comments · Fixed by #74
Closed

Create usage logs (invocations) for all entities with secrets #72

mike-marcacci opened this issue Jan 1, 2020 · 0 comments · Fixed by #74
Labels
packages/authx type:enhancement

Comments

@mike-marcacci
Copy link
Member

mike-marcacci commented Jan 1, 2020
edited
Loading

As a prerequisite to #49 we need the ability to track when various entities with secrets are used. While this is currently possible via external logging systems, this kind of invocation log (distinct from an access log) should be a first-class citizen. Adding core support will enable this information to be exposed over the GraphQL API, and allow AuthX to enforce granular access control to it.

A credential is invoked:

  • when it is used for authentication

An authorization is invoked:

  • when a bearer token is generated
  • when a basic token is used to access AuthX

A grant is invoked:

  • when it is exchanged for an authorization by its client

A client is invoked:

  • when it exchanges a grant for an authorization
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
packages/authx type:enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Record invocations the-control-group/authx
1 participant
@mike-marcacci