Permissions and RBAC controls for API tokens
complete
Mor Paz - Port team
Right now API tokens have Admin permissions, they can perform any operation - CRUD operations on the catalog, as well as triggering self-service actions.
This feature aims to add support for permissions and RBAC support to API tokens. This would enable for example API tokens with read only access, tokens that can only trigger actions but are unable to directly change the catalog and more.
Dudi - Port team
complete
We released the Personal Access Token feature!
It allows you to generate access tokens with the permissions of the authenticated user (via the "credentials" section in Port), enabling you to define access control at the API usage level.
O
Oded Engel
Would help me a lot with what i'm trying to achieve. (Triggering runs via a Slack bot).
Please let us know once you have ETA.
Y
Yonatan Boguslavski
planned
G
Göran Krampe
Yes, definitely something we would need down the road!