-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authorization for local deployment #15711
Comments
hi @Jesse-jApps - thank you for the issue! there's been some discussion on this here, and I think its worth revisiting at this point. I think we'd want to avoid user/pass auth, as there is explicitly no concept of a user in OSS, but a simple token auth might be a good option. What do you think about that? |
@zzstoatzz It it good have same authorization as prefect cloud where we can use prefect api key in authorization to secure the prefect OSS server |
If you are willing to add this feature, there were users who were willing to add a PR. @pbecotte ? |
Thanks for the feedback. Back in 2020 the decision was to not add any auth, since it is expected to be network internal only, see here. |
Describe the current behavior
When deploying Prefect on-premise, it is not possible to configure custom authorization methods, such as Basic Auth. For example, when somebody uses a reverse-proxy setup and wants to protect the API and Dashboard with additional authorization. While Prefect Cloud uses API keys for Bearer-like authorization, on-premise deployments lack configurable authorization options.
Describe the proposed behavior
The option to define
httpx_settings
globally. The idea is, that this somehow implemented:But properly, generally and via a proper config.
Example Use
Possibly authorization can be defined via ENV-Variables.
Additional context
No response
The text was updated successfully, but these errors were encountered: