Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Protect SAF IDT endpoint #469

Open
achmelo opened this issue May 11, 2022 · 2 comments
Open

Protect SAF IDT endpoint #469

achmelo opened this issue May 11, 2022 · 2 comments

Comments

@achmelo
Copy link
Member

achmelo commented May 11, 2022

REST endpoints for creating and verifying SAF ID tokens are currently available to anyone. After broad discussions with the community and SMEs, there was an agreement that it would be better to protect these endpoints with another layer of security, e.g. client certificates.
This is a follow-up issue for PR: #447
@JoeNemo JoeNemo assigned JoeNemo and unassigned JoeNemo May 18, 2022
@JoeNemo
Copy link
Contributor

JoeNemo commented May 18, 2022

@achmelo - please assign this to you or a colleague

@achmelo
Copy link
Member Author

achmelo commented May 18, 2022

I can't do anything in this repo(not even assign myself) as I don't have permission. Please assign me. However, if I or anyone from our team will work on this issue, we will need to have permission.

@balhar-jakub balhar-jakub moved this to Backlog in zOS Squad Board Jan 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
zOS Squad Board
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JoeNemo @achmelo