Replies: 1 comment 9 replies
-
This will be something we have to carefully consider. The issues with this are actually quite substantial and not trivial at all. To list a few:
|
Beta Was this translation helpful? Give feedback.
9 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Some projects use headers to authenticate users. For example, Radarr and Sonarr allow access to their API using either a query parameter (http://site.com/api/...?apikey=mykey) or a header (
X-API-Key: mykey
).It would be good to add headers to access control in Authelia.
What I mean could look like the following, where only queries to
^/groups/dev/.*$
withX-API-Key
set tomykey
, or queries withX-API-Key
set tomykey2
, would be allowedand a similar logic to https://www.authelia.com/configuration/security/access-control/#query could be used.
I'm sure there is a better way to do this, but this is all i can think of tonight :P
Edit: forgot about
policy
Beta Was this translation helpful? Give feedback.
All reactions