guardian icon indicating copy to clipboard operation
guardian copied to clipboard
verified publisher icon raystack

Authorise Guardian API

Open singhvikash11 opened this issue 3 years ago • 0 comments

Summary Currently, whoever has access to Guardian APIs like registering a provider, approving an appeal, revoking the access etc can trigger this APIs w/o any authorization.

Proposed solution Proxy Guardian Admin APIs behind the Shiled and check authorization of people as configured in guardian-shield proxy.

singhvikash11 avatar Jul 12 '22 07:07 singhvikash11