Hello,
I'm trying to implement an oauth client that validates the group
membership of the authenticated users using the model "Service Accounts
as OAuth Clients" (Origin 1.4)
According to the documentation, this would generate a scoped token that
could use user:info / user:check-access. This would grant access to the
group membership of the user.
However, using the common 'oapi/1/users/~' we don't get the group
information (it's empty as I guess it's coming from the deprecated
groups field
https://docs.openshift.org/latest/rest_api/openshift_v1.html#v1-user )
Said that, what's the proposed way of querying the group membership
information of the user using service accounts as oauth clients? Is it
enough with the default role schema?
Thanks!
Luis
_______________________________________________
dev mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
