Introduce realms in documentation
This commit is contained in:
Nico Schottelius
parent
a58886979f
commit
9f7e76f066
1 changed files with 19 additions and 1 deletions
20
README.md
20
README.md
|
|
@ -34,7 +34,25 @@ The usual instructions on how to setup an https proxy should be followed.
|
|||
Access is granting/denied based on realms. There are two reserved
|
||||
realms, all other realms can be used by the users:
|
||||
|
||||
* ungleich-admin: realm??
|
||||
### Reserved realms
|
||||
|
||||
Conceptually the realms "ungleich-admin" and "ungleich-auth" are
|
||||
reserved for higher priviliged applications.
|
||||
|
||||
Usually there is only 1 entry in ungleich-admin that is used to
|
||||
bootstrap and manage ungleich-otp.
|
||||
|
||||
All micro services that are trusted to authenticate another micro
|
||||
service should have an entry in the ungleich-auth realm, which allows
|
||||
them to verify a token of somebody else.
|
||||
|
||||
|
||||
| Name | Capabilities |
|
||||
|------------------+--------------------------------------------|
|
||||
| ungleich-admin | authenticate, create, delete, list, update |
|
||||
| ungleich-auth | authenticate |
|
||||
| all other realms | NO ACCESS |
|
||||
|
||||
|
||||
## Status ##
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue