This message was deleted.
# opals
Slackbot
02/10/2023, 4:24 PMThis message was deleted.
f
Filip
02/10/2023, 4:32 PMHi @Samuel Carlier - Are you directly referring to the optional JWT token you can pass in with the OPAL Client? You are able to create new JWT tokens using the OPAL Server Master token via the API. You can give an exp to this JWT, if you wish
s
Samuel Carlier
02/10/2023, 4:39 PMYes i am referring to the optional JWT token.
The problem that i am facing is that these tokens are hard-coded in the OPAL Clients through env variables. So when they expire new token need to be placed on the clients.
Creating tokens for like a year would mitigate the problem a bit, but creates a risk if the token was leaked.
o
Or Weis
02/10/2023, 5:18 PMYou can automate the token creation, and simply restart the client. That's actually a best practice to re-roll tokens and restart once in a while.
Or Weis
02/10/2023, 5:19 PMAlso look at OPAL scopes
https://docs.opal.ac/overview/scopes/
s
Samuel Carlier
02/13/2023, 8:19 AMWas looking if something was available without client restarts.
Got some work around for now. Any plans for adding oauth support in the client?
o
Or Weis
02/13/2023, 8:28 AMNo plans at the moment for oAuth (maybe worth opening an issue for this on GitHub with more details on what you have in mind here)
We do have plans to make OPAL have more dynamic configuration.
👍 1
2 Views