Is it possible to create an identity for resources (such as compute resource) and allow typical users (social identities) to obtain access tokens from the compute resource based on some rules?
Hi @kirinnee,
Welcome to the Community!
Can you expand on this use-case? I’m not sure I understand what this would look like. How would the resource issue tokens? Usually auth0 is issuing the token.
Let me know,
Dan
Hello, thank you for your reply!
It’s a system that allows multiple users to become an organization, and that to manage resources.
A simplified use-case would be multiple users can join an organization, which has a collection of resources. Each of these resource can have different action performed on it (such as read, update or delete). How do I let each user in the organization to have fine-grain control over who has what types of permission with each specific resource?
A concrete example would be that the organization has 2 compute resources: Compute-A and Compute-B, which for each compute resource, actions that are permissible are log, monitor, deploy or destroy.
As an organization admin, I want to allow user-A to be able to use log and deploy on Compute-A but only monitor on Compute-B.
I imagine in a full oicd + oauth2 system, each of these resources, Compute-A and Compute-B are considered an identity, and users will be able to proxy obtain these access token to deploy or monitor them based on ow the proxy is established.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.