You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
It seems like the current authorization flow for grader service is based on parsing a token directly from the request headers.
Describe the solution you'd like
It would be great if we could ensure that we are implementing a version of the Client Credentials Flow.
Essentially it might boil down to:
create a client ID for grader service
establish a back-channel of communication between it and the authorization server (jupyter hub).
We'd probably also like to establish some basic facts about the user that has started the session and look up what their permission scopes are in a database table somewhere.
Describe alternatives you've considered
Authorization by fiat.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
It seems like the current authorization flow for grader service is based on parsing a token directly from the request headers.
Describe the solution you'd like
It would be great if we could ensure that we are implementing a version of the Client Credentials Flow.
Essentially it might boil down to:
We'd probably also like to establish some basic facts about the user that has started the session and look up what their permission scopes are in a database table somewhere.
Describe alternatives you've considered
Authorization by fiat.
The text was updated successfully, but these errors were encountered: