Rafiki: Security mechanism for the Rafiki Admin API & UI #17

AlexLakatos · 2022-10-03T11:57:16Z

Summary

Currently, the GraphQL Admin API in Rafiki is using "same network" as a security concern. We'd like to explore and implement a more secure policy for it, looking at Basic Auth and MTLS.

The Admin UI is unsecured right now, we'll need to add login screens to that as well.

Intended Outcomes

Design, spec and implement a security mechanism for the Admin API.

How will it work?

There is a secure communication mechanism between the account provider and the backend service.

Links

Resources

matdehaast · 2022-10-17T11:51:33Z

Sabine has work already that does some of this, we need to work out how that would fit in here.

AlexLakatos changed the title ~~ACL/Security of Rafiki~~ Security mechanism for the Rafiki Admin API Oct 3, 2022

AlexLakatos changed the title ~~Security mechanism for the Rafiki Admin API~~ Security mechanism for the Rafiki Admin API & UI Apr 3, 2023

huijing changed the title ~~Security mechanism for the Rafiki Admin API & UI~~ Rafiki: Security mechanism for the Rafiki Admin API & UI Oct 23, 2023

huijing added the rafiki label Oct 23, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Rafiki: Security mechanism for the Rafiki Admin API & UI #17

Rafiki: Security mechanism for the Rafiki Admin API & UI #17

AlexLakatos commented Oct 3, 2022 •

edited

Loading

matdehaast commented Oct 17, 2022

Rafiki: Security mechanism for the Rafiki Admin API & UI #17

Rafiki: Security mechanism for the Rafiki Admin API & UI #17

Comments

AlexLakatos commented Oct 3, 2022 • edited Loading

Summary

Intended Outcomes

How will it work?

Links

Resources

matdehaast commented Oct 17, 2022

AlexLakatos commented Oct 3, 2022 •

edited

Loading