-
Notifications
You must be signed in to change notification settings - Fork 285
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🗺️ Authentication Support #3433
Comments
when are we planning to do this? |
We will start in the coming month. |
Thank you for planning this! This would be very helpful! |
Would be amazing to see this in the product! Commenting to follow progress. |
axiomofjoy
changed the title
🗺️ Authentication support (OAuth)
🗺️ Authentication Support
Aug 5, 2024
Marking this milestone closed as Auth and RBAC is shipped in 5.0. Please feel free to file enhancement requests and we will triage them as follow-ups! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Phoenix has evolved from a notebook tool to an application backed by a database and deployed as an OCI container. Since building persistence into Phoenix, the most common ask from end users has been the ability to deploy Phoenix with authorization. While it's currently possible to secure an instance of Phoenix by deploying it behind a reverse-proxy and implementing custom authentication, this requires significant effort and expertise on the part of the user. Not only are spans, traces, and datasets potentially private, but certain planned features such as prompt playground require the storage of API keys. Building auth will allow users to easily and securely store sensitive data in deployed instances of Phoenix and will unlock development on a new set of features.
Our goal is to enable users to deploy authenticated instances of Phoenix in a straightforward and secure way.
👓 Tech spec
Preliminaries
First Milestone (Local Auth)
Database
users
androles
table #4012api_keys
table #4057Server
ENABLE_AUTH
setting through frontend #4192PHOENIX_DANGEROUSLY_ENABLE_EXPERIMENTAL_AUTH
env var #4041PHOENIX_CLIENT_SECRET
environment variable #3728PHOENIX_ENABLE_AUTH
#4042PHOENIX_SECRET
to ensure a strong symmetric key is used #4177Client
api_key
parameter andPHOENIX_API_KEY
env var #4056UI
GraphQL API
User
node type #4040APIKey
node type #4063createUser
resolver #4037getUsers
resolver #4049patchUser
resolver #4038deleteUsers
resolver #4039patchSelfUser
resolver #4052getUserAPIKeys
resolver #4061createUserAPIKey
mutation #4058deleteUserAPIKeys
mutation #4059getSystemAPIKeys
resolver #4233createSystemAPIKey
resolver #4234deleteSystemAPIKey
mutation #4272deleteUserAPIKey
mutation to allow for amember
user to delete their own keys #4513REST API
/exports
route is protected when auth is enabled #4588gRPC API
CI
Testing
Documentation
Cleanup
Facilitator
logic #4594Punt
Second Milestone (SMTP Integration)
Server
Third Milestone (OAuth2 support)
pyjwt
#4650The text was updated successfully, but these errors were encountered: