Question on token authentication :thread:
# gooddata-cloud
Question on token authentication šŸ§µ
Trying to setup auth for our external app we have thought of the following way. ā€¢ Every time a user logs in our web app we can post request and receive a new token. ā€¢ We can authenticate our requests to GoodData with this token, instead of setting up auth with OIDC and IDp. Are we able to set permissioning for a specific auth token? -> e.g. token X -> Access only to Y workspace Considering the case above, can you think of any other potential blockers that can come up? Is this sth that we could set up?
šŸ‘€ 1
cc @Konstantinos Koroneos @John Lim
Hi Menelaos, yes, it's somehow possible - the token is always generated on behalf of specific user in your gooddata organization, so it inherits the permissions of the said user. So you can either provision separate user in GD based on users in your app, or at least have some shared users divided based on permissions. Other than that, this scenario is definitely possible and there shouldn't be any major obstacles.
šŸ‘€ 2