You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is not ideal because we have two wildly different responses for very similar requests. The /api/check endpoint is strictly not necessary because it can be subsumed by the /api/check_resource_batch endpoint.
Proposal
Remove the current /api/check endpoint.
Rename /api/check_resource_batch to /api/check and make it the default endpoint.
introduce a debug parameter to the request so that we can add debug metadata (matched policy, active derived roles) to the response.
The text was updated successfully, but these errors were encountered:
We have
/api/check
for checking a single principal and a single resource against a single action. It returns a response like the following.Then we have the
/api/check_resource_batch
endpoint which checks a single principal against multiple actions and multiple resources.This is not ideal because we have two wildly different responses for very similar requests. The
/api/check
endpoint is strictly not necessary because it can be subsumed by the/api/check_resource_batch
endpoint.Proposal
/api/check
endpoint./api/check_resource_batch
to/api/check
and make it the default endpoint.debug
parameter to the request so that we can add debug metadata (matched policy, active derived roles) to the response.The text was updated successfully, but these errors were encountered: