auth.proto
path mgmt/v1alpha1/auth.proto
package mgmt.v1alpha1
Messages
AccessToken
A decoded representation of an Access token from the backing auth server
Name | Type | Description |
---|
access_token | string | The access token that will be provided in subsequent requests to provide authenticated access to the Api |
refresh_token | optional string | Token that can be used to retrieve a refreshed access token.
Will not be provided if the offline_access scope is not provided in the initial login flow. |
expires_in | int64 | Relative time in seconds that the access token will expire. Combine with the current time to get the expires_at time. |
scope | string | The scopes that the access token have |
id_token | optional string | The identity token of the authenticated user |
token_type | string | The token type. For JWTs, this will be `Bearer` |
GetAuthStatusRequest
GetAuthStatusResponse
Name | Type | Description |
---|
is_enabled | bool | Whether or not the server has authentication enabled.
This tells the client if it is expected to send access tokens. |
GetAuthorizeUrlRequest
Name | Type | Description |
---|
state | string | The state that's generated by the client that is passed along to prevent tampering |
redirect_uri | string | The redirect uri that the client will be redirected back to during the auth request |
scope | string | The scopes the client is requesting as a part of the oauth login request |
GetAuthorizeUrlResponse
Name | Type | Description |
---|
url | string | The generated url that is the client will be redirected to during the Oauth flow |
GetCliIssuerRequest
GetCliIssuerResponse
Name | Type | Description |
---|
issuer_url | string | The backing authentication issuer url |
audience | string | The audience that will be used in the access token. This corresponds to the "aud" claim |
LoginCliRequest
Name | Type | Description |
---|
code | string | The oauth code |
redirect_uri | string | The oauth redirect uri that the client uses during the oauth request |
LoginCliResponse
Name | Type | Description |
---|
access_token | AccessToken | The access token that is returned on successful login |
RefreshCliRequest
Name | Type | Description |
---|
refresh_token | string | The token used to retrieve a new access token. |
RefreshCliResponse
Name | Type | Description |
---|
access_token | AccessToken | The access token that is returned on successful refresh |
Services
AuthService
Service that handles generic Authentication for Neosync
Today this is mostly used by the CLI to receive authentication information
LoginCli
RefreshCli
Method | RefreshCli |
---|
Request | RefreshCliRequest |
---|
Response | RefreshCliResponse |
---|
Description | Used by the CLI to refresh an expired Neosync accesss token.
This should only be used if an access token was previously retrieved from the `LoginCli` or `RefreshCli` methods. |
---|
GetCliIssuer
GetAuthorizeUrl
GetAuthStatus
Method | GetAuthStatus |
---|
Request | GetAuthStatusRequest |
---|
Response | GetAuthStatusResponse |
---|
Description | Returns the auth status of the API server. Whether or not the backend has authentication enabled.
This is used by clients to make decisions on whether or not they should send access tokens to the API. |
---|