[MGNLREST-71] Rest authentication with API Tokens on DXCore Created: 28/Jun/16 Updated: 13/Sep/23 |
|
| Status: | Accepted |
| Project: | Magnolia REST Framework |
| Component/s: | None |
| Affects Version/s: | 1.1.1 |
| Fix Version/s: | None |
| Type: | Story | Priority: | Neutral |
| Reporter: | Christopher Zimmermann | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||||||||||
| Epic Link: | Support | ||||||||||||||||||||||||||||||||
| Team: | |||||||||||||||||||||||||||||||||
| Description |
|
Currently, we are only providing Basic Authentication for accessing content (or any operation) through our REST API. For situations where restricted content will be commonly called, such as an intranet this either requires the user to enter the credentials multiple times, or for the client to store the credentials - both of which are not desirable. Magnolia should provide a way for a client to remain authenticated, possibly through a cookie / OAUTH system. This is on the public roadmap: https://portal.productboard.com/magnolia/1-magnolia-roadmap/c/40-authenticate-with-api-tokens
For additional details, please see linked: https://jira.magnolia-cms.com/browse/SUGGEST-41 |
| Comments |
| Comment by Christopher Zimmermann [ 06/Oct/21 ] |
|
Related Incubator Module: https://git.magnolia-cms.com/projects/INCUBATOR/repos/rest-security/browse |
| Comment by Mykola [ 09/Jun/23 ] |
|
I don't know if this is a good place for this question, but I see many similar tasks were closed in favor of this one. |