diff options
| author | mo khan <mo@mokhan.ca> | 2022-03-29 12:40:10 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2022-03-29 12:40:10 -0600 |
| commit | 13f0cd7382f97d68b66583185c85b8566199c06f (patch) | |
| tree | 904d28f7258a702978789e1c859f4c00da2c34e8 /doc | |
| parent | d7517092cc8e616b2934c343c633401931150c66 (diff) | |
add links to RFCs
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/authz/README.md | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/doc/authz/README.md b/doc/authz/README.md index 7272ad7..058d139 100644 --- a/doc/authz/README.md +++ b/doc/authz/README.md @@ -1,11 +1,8 @@ +# Thinking Out Loud - -* RFC 7519 - JSON Web Token (JWT) -* RFC 6749 - OAuth 2.0 Authz Framework - -# Enforcing authz +## Enforcing authz Give me a token with these claims: @@ -45,9 +42,9 @@ Authorization: Bearer my.jwt.token } -# Managing authz +## Managing authz -* +* ## TFC @@ -73,8 +70,6 @@ Authorization: Bearer my.jwt.token 8. browser presents access token with JWT claims. 9. resource server verifies claims in the token and determines if subject has access to the resource. - - ```plaintext | ------------------- | |->| gRPC Gateway | @@ -189,11 +184,13 @@ TODO: ### References: -* https://github.com/hashicorp/cloud-resource-manager * [HCP-007 Resource hierarchy and IAM](https://docs.google.com/document/d/1sawA84ZLt768RIi4VZuCfVUSthAcpcc4ufAkWj-9nlc) * [HCP-104 Permission naming](https://docs.google.com/document/d/1ZKBRVBKqZU_l4WcKLugYgY_IUACM4SGHWpnJAuWUf70) * [HCP-128 Internal Operators](https://docs.google.com/document/d/1x2z0jSOGt0l-sHsbBunepOJeuR62yL31_otNmkd0KNc) -* [HCP-183 Provisioning roles and permissions](https://docs.google.com/document/u/0/d/10gl7CaoISY5dIqEeIoCdES2yQrrJn26bIUp0mHhvBDk) * [HCP-167 Human operators RBAC](https://docs.google.com/document/d/14wluO-VnTz5ku5qN5KDkBZCoBgtOZLobMK4Fb1yfn6w) -* [Joe](https://hashicorp.zoom.us/rec/share/v8FpIZfpxmhOZ5HJ6WjQW4whBYP3X6a813BNrPALy034-oF5wTfbterEkePMGqM) password: &445zfl0 -* [Alex Dadgar](https://hashicorp.zoom.us/rec/share/_mMXheCQJuXTdblyq3uzNsq8PNYj3tI-r2pVJNU-QWSzx3TrvghRJ2AJex-4WHZQ.CRT--WKINJRLg1-b) password: *y$cLK39 +* [HCP-183 Provisioning roles and permissions](https://docs.google.com/document/u/0/d/10gl7CaoISY5dIqEeIoCdES2yQrrJn26bIUp0mHhvBDk) +* [Presentation: Alex Dadgar](https://hashicorp.zoom.us/rec/share/_mMXheCQJuXTdblyq3uzNsq8PNYj3tI-r2pVJNU-QWSzx3TrvghRJ2AJex-4WHZQ.CRT--WKINJRLg1-b) password: `*y$cLK39` +* [Presentation: Joe](https://hashicorp.zoom.us/rec/share/v8FpIZfpxmhOZ5HJ6WjQW4whBYP3X6a813BNrPALy034-oF5wTfbterEkePMGqM) password: `&445zfl0` +* [RFC 6749 - OAuth 2.0 Authz Framework](https://datatracker.ietf.org/doc/html/rfc6749) +* [RFC 7519 - JSON Web Token (JWT)](https://datatracker.ietf.org/doc/html/rfc7519) +* https://github.com/hashicorp/cloud-resource-manager |