Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: add a note arguing you should generate tokens #336

Merged
merged 4 commits into from
Aug 17, 2023

Conversation

oleobal
Copy link
Contributor

@oleobal oleobal commented Aug 8, 2023

Add a note at the top of the token generation howto, explaining why you should, what you should do if you don't, and that administrators can disable it.

I'd like to add a link to the proper helm chart value in that last item, but I don't really know what to link to (the value is server.allowImplicitLogin.

Companion PR to Substra/substra-backend#698

Similar to #335 and Substra/substra#378

@oleobal oleobal force-pushed the docs/why-generate-tokens branch 3 times, most recently from 963d524 to 25304bd Compare August 8, 2023 15:26
@oleobal oleobal marked this pull request as ready for review August 8, 2023 15:26
Copy link
Contributor

@RomainGoussault RomainGoussault left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR!

docs/source/documentation/api_tokens_generation.rst Outdated Show resolved Hide resolved
docs/source/documentation/api_tokens_generation.rst Outdated Show resolved Hide resolved
@oleobal
Copy link
Contributor Author

oleobal commented Aug 14, 2023

Waiting for Substra/substra-backend#698 to merge

oleobal and others added 3 commits August 16, 2023 17:38
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
Co-authored-by: Sarah Diot-Girard <sarah.diot-girard@owkin.com>
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
Co-authored-by: Sarah Diot-Girard <sarah.diot-girard@owkin.com>
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
@oleobal oleobal force-pushed the docs/why-generate-tokens branch from f291af2 to 1fc9672 Compare August 16, 2023 15:39
oleobal added a commit to Substra/substra-backend that referenced this pull request Aug 17, 2023
- Solve the issue of sometimes issuing tokens that are about to expire,
by just issuing an new token every time and relying on the SDK to clean them up

- Add a new `server.allowImplicitLogin` option, allowing node admins to
disable the option altogether in order to improve security practices.

- Extend `/active-api-tokens -X DELETE` to also be able to delete
`ImplicitBearerToken`, adding an `id` field to `ImplicitBearerToken` for
this purpose. This is to enable users to terminate their sessions, as
per security recommendations

Closes FL-1067, FL-1140

Companion to Substra/substra-documentation#336
Leveraged by Substra/substra#381

Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
@oleobal oleobal merged commit b889908 into main Aug 17, 2023
@oleobal oleobal deleted the docs/why-generate-tokens branch August 17, 2023 10:29
EazyAl pushed a commit to EazyAl/substra-documentation that referenced this pull request Aug 28, 2023
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
Co-authored-by: Sarah Diot-Girard <sarah.diot-girard@owkin.com>
Signed-off-by: EazyAl <ali.imran@owkin.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants