Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-6657

[RFE] Ability to generate API tokens for current role

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • False
    • None
    • False

      1. Proposed title of this feature request
      Non-admin generated tokens

      2. What is the nature and description of the request?
      Currently, only users with read/write access to APIToken can generate tokens. Those users can generate a token corresponding to any role, even Admin. The request is that users with non-admin roles can generate a token corresponding to their role. For example, a user with with the Analyst role could generate a token, but only a token with the Analyst role.

      3. Why does the customer need this? (List the business requirements here)
      In environments with many clusters belonging to different groups, the ACS Admins have to generate all tokens for users. Allowing users to generate their own without compromising security would save the Admins some effort.

      4. List any affected packages or components.
      Access Control

              atelang@redhat.com Anjali Telang
              rhn-support-dkaylor David Kaylor
              ACS Merlin (authn/authz/cli/ci/image-signing)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: