This document describes how to configure the authorization mechanisms for Flipt v2.
required
field to true
on the authorization
configuration object.
required
, the API will ensure valid credentials are present on all management API requests.
required: true
all management API routes will require a valid authentication session as well.The UI will require a session-compatible authentication method (e.g. OIDC) to be enabled.policy
object in the authorization
configuration object.
package flipt.authz.v2
instead of v1’s package flipt.authz.v1
. This is a breaking change that reflects the enhanced
authorization model.poll_interval
field in the policy
object.
data
object in the authorization
configuration object.
poll_interval
field in the data
object.
scope
field:
data.json
file defines role bindings:
flipt.authz.v1
to flipt.authz.v2
viewable_environments
and viewable_namespaces(env)
for better UXscope
field instead of resource
/subject