Roman Levytskyi05/31/2023, 11:32 AM
or both. The only way to do that is
method which seems to be highly inefficient with
of items in the DB.
The why: tenants may override/create their own roles based on the list of available resources (fetched from authorization server policies) and their actions (extracted from policies). Is that even possible?
Thank you 🙏
endpoint of the Cerbos Admin API currently doesn't have a way to filter policies by their attributes. We worked with the assumption that the users will be aware of all the resources and actions they have on the system. So, the case for filtering policies to dynamically discover them hasn't really come up before. It might be possible for us to add some filtering capability to the
endpoint. However, if you want to discover the available actions as well, you'll have to parse the policies yourself because we don't store that kind of metadata about the policies. Furthermore, policies can be written with wildcard actions so it's not guaranteed that you'll be able to get the full list that way anyway.
Roman Levytskyi05/31/2023, 2:26 PM
id format, is it stable?
Roman Levytskyi05/31/2023, 3:23 PM