Need for fine-grained per-channel authn/authz #306

Closed
jstoiko opened this issue Jan 21, 2020 · 3 comments

jstoiko commented Jan 21, 2020

The current authn/authz mechanism described with securitySchemes in AsyncAPI 2.0 works at a global level, i.e. it is definable inside the server node. OAuth2 “scopes” allow providing some authz metadata related to specific channels; however, 1) it only applies to OAuth2 and 2) it applies to the entire API.

Sometimes, an API may have different channels supporting a different set of permissions. Those permissions are usually reflected in the security scheme being used. Therefore, it would be nice to have the ability to set securitySchemes at the channel level.

@fmvilas fmvilas added the keep-open Prevents stale bot from closing this issue or PR label Mar 13, 2020
@fmvilas fmvilas added this to the AsyncAPI specification 2.1.0 milestone Mar 13, 2020
@fmvilas fmvilas removed this from the Next specification version milestone May 12, 2021
@github-actions github-actions bot added the stale label Oct 5, 2021
@asyncapi asyncapi deleted a comment from github-actions bot Oct 5, 2021
@derberg derberg removed the stale label Oct 5, 2021

derberg commented Oct 5, 2021

@jstoiko have you seen #584 ?

@devthejo

Is it no longer possible to implement security at channel level in the AsyncAPI spec version 3?


derberg commented Nov 4, 2024

@devthejo it was also not possible on channel level prior to v3.

v2 and v3 are not different in that aspect: security is either on server level or fine-grained on operation level.

I will close this issue as it is super old, from before we added security on operation level. Also, @jstoiko has not been active in the community for over 3 years.

@devthejo if in your opinion security is not enough to be fine-grained on operation level, please open a separate issue with a detailed explanation of the use case and an explanation of why the current functionality is not good enough for your use case.

@derberg derberg closed this as completed Nov 4, 2024
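
Added example (not part of the thread and not AsyncAPI project code): since security is declared on servers and on operations rather than on channels, a per-channel view has to be derived by grouping operations by the channel they reference. The sketch below does that for an AsyncAPI 3.0-style document and flags operations that rely on server-level security only. The document, scheme names and function names are constructed for illustration, and it assumes operations point at channels with a simple `$ref`.

```python
# Constructed sample: an AsyncAPI 3.0-style document reduced to the fields used here.
DOC = {
    "servers": {
        "prod": {"security": [{"$ref": "#/components/securitySchemes/brokerPassword"}]},
    },
    "channels": {"orders": {}, "adminCommands": {}},
    "operations": {
        "receiveOrders": {
            "action": "receive",
            "channel": {"$ref": "#/channels/orders"},
        },
        "sendAdminCommand": {
            "action": "send",
            "channel": {"$ref": "#/channels/adminCommands"},
            "security": [{"$ref": "#/components/securitySchemes/adminOauth"}],
        },
    },
}

def scheme_names(entries):
    """Names of referenced schemes; inline scheme objects are reported by type."""
    return sorted(e["$ref"].rsplit("/", 1)[-1] if "$ref" in e
                  else "inline:" + e.get("type", "?") for e in entries or [])

def channel_security_report(doc):
    """Return (server-level schemes, per-channel list of operations and their security)."""
    server_level = {name: scheme_names(srv.get("security"))
                    for name, srv in doc.get("servers", {}).items()}
    report = {ch: [] for ch in doc.get("channels", {})}
    for op_id, op in doc.get("operations", {}).items():
        # Simplification: takes the last pointer segment, no JSON Pointer unescaping.
        channel = op["channel"]["$ref"].rsplit("/", 1)[-1]
        own = scheme_names(op.get("security"))
        report.setdefault(channel, []).append({
            "operation": op_id,
            "action": op.get("action"),
            "operation_security": own,
            "server_only": not own,  # nothing narrower than the server-level schemes
        })
    return server_level, report

def server_only_operations(doc):
    """Operations with no security of their own, i.e. no finer-grained control."""
    _, report = channel_security_report(doc)
    return sorted(o["operation"] for ops in report.values() for o in ops if o["server_only"])

if __name__ == "__main__":
    print(channel_security_report(DOC))
    print("server-level only:", server_only_operations(DOC))
```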