vulcan-sql icon indicating copy to clipboard operation
vulcan-sql copied to clipboard
verified publisher icon Canner

[RFC] Add OIDC authentication extension

Open cyyeh opened this issue 2 years ago • 0 comments

What’s the problem you're trying to solve

Currently, VulcanSQL provides with several basic authentication/authorization mechanisms such as HTTP Basic. However, there are more secure and standard ways for authentication and authorization these days. OIDC(OpenID Connect) is one of them. OpenID Connect (OIDC) is an identity layer built on top of the OAuth 2.0 framework. It allows third-party applications to verify the identity of the end-user and to obtain basic user profile information without the end-user giving his/her credentials.

Describe the solution you’d like

The proposed solution is built for the VulcanSQL API server. API consumers need to pass the access token given by their OIDC identity provider in the API request header.

Additional context

References

  • https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
  • https://blog.postman.com/how-to-access-google-apis-using-oauth-in-postman
  • https://docs.confluent.io/cloud/current/access-management/authenticate/oauth/access-rest-apis.html

cyyeh avatar Sep 18 '23 01:09 cyyeh