kudrvet - Hello! We are setting up an embedded...
Hello!
We are setting up an embedded liveboard in our application for the first time.
Currently, we’re facing an issue with configuring secure tokens to ensure each user in our application has access only to their own entities within a shared liveboard.
For this purpose, I’m using the following request, and we dynamically create users on-the-fly.
I expect the generated token to restrict access exclusively to the specified filter values, but in practice, it doesn’t enforce any restrictions.
curl --request POST \
--url https://our.cloud/api/rest/2.0/auth/token/custom \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'user-agent: '''something'''' \
--data '{
"username": "test_contractor_2",
"email": "[email protected]",
"display_name": "test_contractor",
"validity_time_in_sec": 604800,
"persist_option": "REPLACE",
"auto_create": true,
"filter_rules": [
{
"column_name": "Contractor Company",
"operator": "EQ",
"values": [
"1-800-hansons"
]
}
],
"secret_key": "some_token",
"objects": [
{
"type": "LOGICAL_TABLE",
"identifier": "TS_CONTRACTORS"
}
]
}'
2 Replies
Hi @kudrvet
The JWT ABAC feature is disabled by default for all instances. If you need this feature enabled, could you please raise a support request.
Also, could you please confirm the release version of your cluster?
cc: @Nicolas
hi!
thanks, got it.
verison is 10.6.0.cl-279