Use /security/login instead of /login?
#44619
Comments
azasypkin
added
discuss
Team:Security
I think it's acceptable, but I do like the look of If we didn't have the SAML/OIDC endpoints to contend with, I'd ask if |
Yeah, same here. Let's see, there is a chance in #44620 we agree to turn temporary fix with |
|
Based on the result of discussion in #44620, we'll still have a way to register "resources/views" with URLs that are relative to root, so we can continue using httpResourceService.add({
path: 'login',
fromRoot: true,
handler(){}
}); |
Do we see any issues with having
/security/logininstead of/loginin the next major apart from the fact that it will be a very tedious work to update all the docs and tests that reference to/login?Context
Currently NP plugins can only define routes that start with plugin id or with
/securityin our case.And since we don't tend to maintain (?) BWC for API routes URLs exposed by plugins in minors, it shouldn't be a problem for majority of our API routes to migrate to this new "prefix". But there are some routes that we can't break in minors, e.g. routes that are used by external SAML/OIDC providers like
/api/security/v1/saml. The initial idea was to keep old routes in LP and new routes in NP, but in practice it's quite cumbersome since routes in LP and NP may rely on the same logic (see #44513 for example) that we need to share between LP and NP somehow. To make migration easier platform/core may allow us to define routes that are relative to the root instead that we can deprecate in 7.x and completely drop in 8.0 (#44620). All is well with API routes here.But the question here is it feasible/acceptable to use
/securityprefixed URLs for "well-known" views like/login?cc @elastic/kibana-security @restrry
The text was updated successfully, but these errors were encountered: