add support for authenticated requests TO rdpc using app to app tokens #98
Assignees
Labels
critical
This MUST be completed for release
Scope Change
Scope change from the initial sprint commitment
v1.12.0
Milestone
Comments
15 tasks
rosibaj
modified the milestones:
Donkey Kong Sprint 39,
[FUTURE] - Donkey Kong Sprint 40
|
@Buwujiu I need a version label on this ticket before we can release it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The aggregator connects to the rdpc-api, which now requires AUTH headers to allow for data extraction. We need to add support for authenticated requests to rdpc using app to app tokens. The aggregator needs to:
send auth headers to rdpc-api on all calls for authorization
be registered as an application in ego
be able to generate an app token from ego that is sent in the headers
register aggregator as a application in ego; store secrets in vault
write some code/use a library to refresh the auth token regularly.
hold onto the jwt in memory; use it normally;
each time we try and reach out to rdpc-api, do a preflight check on duration of jwt as a self-validation before reaching out to jwt., if it has not expires use it, it it has not
issue an application token and use it in the auth headers to the rdpc-gateway-api
The text was updated successfully, but these errors were encountered: