Question on token authentication :thread:
# gooddata-cloudm
Menelaos Kotoglou
07/17/2023, 9:57 AMQuestion on token authentication š§µ
Menelaos Kotoglou
07/17/2023, 10:01 AMTrying to setup auth for our external app we have thought of the following way.
ā¢ Every time a user logs in our web app we can post request and receive a new token.
ā¢ We can authenticate our requests to GoodData with this token, instead of setting up auth with OIDC and IDp.
Are we able to set permissioning for a specific auth token? -> e.g. token X -> Access only to Y workspace
Considering the case above, can you think of any other potential blockers that can come up?
Is this sth that we could set up?
š 1
Menelaos Kotoglou
07/17/2023, 10:01 AMcc @Konstantinos Koroneos @John Lim
b
Boris
07/17/2023, 10:49 AMHi Menelaos, yes, it's somehow possible - the token is always generated on behalf of specific user in your gooddata organization, so it inherits the permissions of the said user. So you can either provision separate user in GD based on users in your app, or at least have some shared users divided based on permissions.
Other than that, this scenario is definitely possible and there shouldn't be any major obstacles.
š 2