[SERVER-73595] Add authorization provider option to exact-match usersInfo command Created: 03/Feb/23 Updated: 18/Jan/24 |
|
| Status: | Open |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Varun Ravichandran | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Assigned Teams: |
Server Security
|
| Sprint: | Security 2023-05-01, Security 2023-05-15, Security 2023-05-29, Security 2023-06-12, Security 2023-06-26, Security 2023-07-10 |
| Participants: |
| Description |
|
The exact-match usersInfo command will include an additional field called authorizationProvider that can resolve to one of {OIDC, Internal, LDAP, X.509}. When provided, the server will attempt to resolve the user's roles using the requested authorization provider and return an error otherwise. |
| Comments |
| Comment by Varun Ravichandran [ 12/Oct/23 ] |
|
elizabeth.roytburd@mongodb.com , I've added it to PM-3385 now that the scope has been approved and this ticket's goal was explicitly included in it. |