Skip to content

Clarify Scope struct serves both JWT and API key authentication#149

Merged
jeroenrinzema merged 2 commits intofeat/145from
copilot/sub-pr-147
Feb 5, 2026
Merged

Clarify Scope struct serves both JWT and API key authentication#149
jeroenrinzema merged 2 commits intofeat/145from
copilot/sub-pr-147

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Feb 5, 2026
edited
Loading

The Scope struct in internal/claim/rbac/rbac.go is used for both management API (JWT tokens) and client API (API keys) authentication, but the comment only mentioned "user" context.

Changes

  • Updated Scope struct comment to explicitly document dual authentication purpose:
    • Management API: JWT-authenticated admin users
    • Client API: API key authentication
// Scope represents an authenticated user or API key in the context.
// It is used for both the management API (JWT authentication) and the client API (API key authentication).
type Scope struct {
    OrganizationID uuid.UUID
    ProjectID      uuid.UUID
}

The struct is populated by WithJWT() for admin users and WithKey() for API keys in internal/http/auth/auth.go.

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI mentioned this pull request Feb 5, 2026
Merged
@jeroenrinzema
Update Scope comment to clarify dual authentication purpose
bcbfc18 
Co-authored-by: jeroenrinzema <3440116+jeroenrinzema@users.noreply.github.com>
Copilot AI changed the title [WIP] Update to address feedback on exposing HTTP services Clarify Scope struct serves both JWT and API key authentication Feb 5, 2026
@jeroenrinzema jeroenrinzema marked this pull request as ready for review February 5, 2026 23:02
Copilot AI requested a review from jeroenrinzema February 5, 2026 23:02
@jeroenrinzema jeroenrinzema merged commit aa144b4 into feat/145 Feb 5, 2026
@jeroenrinzema jeroenrinzema deleted the copilot/sub-pr-147 branch February 5, 2026 23:02
jeroenrinzema added a commit that referenced this pull request Feb 5, 2026
@jeroenrinzema
Expose HTTP services on a single port (#147)
d1f2964 
* feat: expose http services on a single port and merged specs, closes #145

* Update internal/http/controllers/v1/http.go

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Clarify Scope struct serves both JWT and API key authentication (#149)

* Update Scope comment to clarify dual authentication purpose

Co-authored-by: jeroenrinzema <3440116+jeroenrinzema@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jeroenrinzema <3440116+jeroenrinzema@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeroenrinzema jeroenrinzema Awaiting requested review from jeroenrinzema

Assignees

@jeroenrinzema jeroenrinzema

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jeroenrinzema