Skip to content

feat: replace ExternalAPIKeyScopes with detailed ScopeCatalog #20248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: thomask33/09-30-api_allowlist_structured_json
Choose a base branch
from
Draft

feat: replace ExternalAPIKeyScopes with detailed ScopeCatalog #20248

wants to merge 1 commit into from

Conversation

ThomasK33
Copy link
Member

Enhance API Key Scopes Catalog

This PR enhances the API key scopes catalog by replacing the flat list of external scopes with a more structured and informative catalog. The new catalog organizes scopes into three categories:

  1. Special scopes - Legacy scopes like "all" and "application_connect" that remain for backward compatibility
  2. Low-level scopes - Basic resource:action pairs with metadata about the resource and action
  3. Composite scopes - Higher-level "coder:*" scopes with information about what low-level scopes they expand to

The changes include:

  • Replacing ExternalAPIKeyScopes with a more detailed ScopeCatalog structure
  • Adding helper functions to extract metadata about each scope type
  • Updating API documentation and tests to reflect the new structure
  • Renaming the endpoint handler from listExternalScopes to listScopeCatalog

This enhancement provides more context about each scope, making it easier for users to understand what permissions they're requesting when creating API keys.

@ThomasK33 ThomasK33 mentioned this pull request Oct 9, 2025
Draft
@ThomasK33 Graphite App
Copy link
Member Author

ThomasK33 commented Oct 9, 2025
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@ThomasK33 ThomasK33 mentioned this pull request Oct 9, 2025
Draft
@ThomasK33 ThomasK33 force-pushed the thomask33/10-09-add_scope_catalog_api branch from d26265a to d8c07af Compare October 14, 2025 13:36
@ThomasK33 ThomasK33 force-pushed the thomask33/09-30-api_allowlist_structured_json branch from 90212e3 to ac2e772 Compare October 14, 2025 13:36
@ThomasK33 ThomasK33 force-pushed the thomask33/10-09-add_scope_catalog_api branch from d8c07af to 8b28268 Compare October 14, 2025 13:57
@ThomasK33 ThomasK33 force-pushed the thomask33/09-30-api_allowlist_structured_json branch from ac2e772 to fd23c4d Compare October 14, 2025 13:57
@ThomasK33
feat: expose scope catalog metadata for API scopes
2026c82 
Replace the scopes endpoint response with a structured catalog so API
clients can inspect specials, low-level, and composite scopes.
Expose new metadata builders in rbac and codersdk, update swagger docs,
and adjust the API test to cover the richer catalog payload.
@ThomasK33 ThomasK33 force-pushed the thomask33/09-30-api_allowlist_structured_json branch from fd23c4d to a48aa91 Compare October 14, 2025 14:11
@ThomasK33 ThomasK33 force-pushed the thomask33/10-09-add_scope_catalog_api branch from 8b28268 to 2026c82 Compare October 14, 2025 14:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Emyrk Emyrk Awaiting requested review from Emyrk Emyrk will be requested when the pull request is marked ready for review Emyrk is a code owner

Assignees

@ThomasK33 ThomasK33

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ThomasK33