Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature request: granular tokens #958

Open
skedastically opened this issue Jul 1, 2024 · 1 comment
Open

Feature request: granular tokens #958

skedastically opened this issue Jul 1, 2024 · 1 comment

Comments

@skedastically
Copy link

Hi, thank you so much for this software!

Currently, tokens can do everything the user account can do, which would make it hard to configure different tokens per user for different purposes. I would like to request granular tokens up to a user's maximum configured permissions, and have a dedicated "Manage Tokens" window for every Technitium user to do so.

Along with OpenID Connect interest in in #488, having limited scope tokens helps make separating users from permission grants possible, and help Technitium to become as similarly compartmentalized as Forgejo/Gitea in terms of access control. An interesting use case for me for me is to have a view-only token for logs, and another write-allowed token to update certain DNS records.

I'm not sure if this is the best way to implement this. Also I understand that this is a huge feature that would rewrite the entire auth backend alongside OIDC support, and would be okay if it's not implemented :)

@ShreyasZare
Copy link
Member

Thanks for the suggestion. This will actually require a lot of change in the design to implement. Will need to review how this can be implemented. Even if its feasible, it will take time to implement considering that this will cause a lot of changes to current design.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants