You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have tried to create new resources and scopes (permissions) from the Admin console in Logto (OSS version).
And it is really heavy to define a lot of resources or permissions via UI or Management API. Therefore, I was thinking about a more efficient way to sync configurations between the project repo and the Logto instance.
Describe what you'd like Logto to have
To have a single source of truth for all permissions and resources definitions in Logto, it will be great if we could do provisioning from a configuration file that we define in our repo. Using the Management API or other methods, we can then update all configurations in a single request or update (w/ appropriate security checks: Auth headers, ...).
As an example, it could be a yaml, toml or json config file with the following patterns:
Hi @LBF38 this is a really good point. We are proposing similar product ideas. An additional idea, do you have similar needs for organization set up? Because in organization level it also have role-based access control
Thanks for your reply @fleuraly , I haven't used yet the organisations and associated RBAC. Therefore, I don't have enough experience with it to provide insightful feedbacks.
I would imagine a similar config file with specific keys and helpers for defining it.
@LBF38 Thanks for providing some context! Your suggestion makes total sense. Navigating through the UI or management API isn’t efficient when you already have an RBAC design or need bulk management. I’m currently working on this feature, so please stay tuned. :)
What problem did you meet?
I have tried to create new resources and scopes (permissions) from the Admin console in Logto (OSS version).
And it is really heavy to define a lot of resources or permissions via UI or Management API. Therefore, I was thinking about a more efficient way to sync configurations between the project repo and the Logto instance.
Describe what you'd like Logto to have
To have a single source of truth for all permissions and resources definitions in Logto, it will be great if we could do provisioning from a configuration file that we define in our repo. Using the Management API or other methods, we can then update all configurations in a single request or update (w/ appropriate security checks: Auth headers, ...).
As an example, it could be a
yaml
,toml
orjson
config file with the following patterns:An idea of a workflow could be to update it using the
logto
CLI with a command similar tologto cli permissions update <config_file.yml>
.What do you think ?
The text was updated successfully, but these errors were encountered: