This document describes how to configure Flipt’s authorization mechanisms.
required: true
all management API routes will require a valid authentication session as well.The UI will require a session-compatible authentication method (e.g. OIDC) to be enabled.required
field to true
on the authorization
configuration object.
required
, the API will ensure valid credentials are present on all management API requests.
See the Authorization: Overview documentation for more details on Flipt’s API authorization handling.
policy
object in the authorization
configuration object.
poll_interval
field in the policy
object.
data
object in the authorization
configuration object.
poll_interval
field in the data
object.
backend
field to bundle
in the authorization
configuration object.
The bundle
backend requires a valid configuration
object to be set. This configuration definition is the same as the OPA bundle service configuration.
object
backend requires a valid type
to be configured. This is similar to the object storage configuration for Flipt flag data as it also requires valid credentials to access the object storage service.
The credentials are read from environment variables at Flipt start time.
s3
object storage type directly. If you require support for other object storage types, please let us know.Alternatively, as a workaround, you can use the bundle backend to load policy and data from other object storage types. Follow the OPA bundle documentation for more information.