auth.proto
path mgmt/v1alpha1/auth.proto
package mgmt.v1alpha1
Messages
AccessToken
A decoded representation of an Access token from the backing auth server
| Name | Type | Description |
|---|
access_token | string | The access token that will be provided in subsequent requests to provide authenticated access to the Api |
refresh_token | optional string | Token that can be used to retrieve a refreshed access token.
Will not be provided if the offline_access scope is not provided in the initial login flow. |
expires_in | int64 | Relative time in seconds that the access token will expire. Combine with the current time to get the expires_at time. |
scope | string | The scopes that the access token have |
id_token | optional string | The identity token of the authenticated user |
token_type | string | The token type. For JWTs, this will be `Bearer` |
CheckTokenRequest
CheckTokenResponse
GetAuthStatusRequest
GetAuthStatusResponse
| Name | Type | Description |
|---|
is_enabled | bool | Whether or not the server has authentication enabled.
This tells the client if it is expected to send access tokens. |
GetAuthorizeUrlRequest
| Name | Type | Description |
|---|
state | string | The state that's generated by the client that is passed along to prevent tampering |
redirect_uri | string | The redirect uri that the client will be redirected back to during the auth request |
scope | string | The scopes the client is requesting as a part of the oauth login request |
GetAuthorizeUrlResponse
| Name | Type | Description |
|---|
url | string | The generated url that is the client will be redirected to during the Oauth flow |
GetCliIssuerRequest
GetCliIssuerResponse
| Name | Type | Description |
|---|
issuer_url | string | The backing authentication issuer url |
audience | string | The audience that will be used in the access token. This corresponds to the "aud" claim |
LoginCliRequest
| Name | Type | Description |
|---|
code | string | The oauth code |
redirect_uri | string | The oauth redirect uri that the client uses during the oauth request |
LoginCliResponse
| Name | Type | Description |
|---|
access_token | AccessToken | The access token that is returned on successful login |
RefreshCliRequest
| Name | Type | Description |
|---|
refresh_token | string | The token used to retrieve a new access token. |
RefreshCliResponse
| Name | Type | Description |
|---|
access_token | AccessToken | The access token that is returned on successful refresh |
Services
AuthService
Service that handles generic Authentication for Neosync
Today this is mostly used by the CLI to receive authentication information
LoginCli
RefreshCli
| Method | RefreshCli |
|---|
| Request | RefreshCliRequest |
|---|
| Response | RefreshCliResponse |
|---|
| Description | Used by the CLI to refresh an expired Neosync accesss token.
This should only be used if an access token was previously retrieved from the `LoginCli` or `RefreshCli` methods. |
|---|
CheckToken
GetCliIssuer
GetAuthorizeUrl
GetAuthStatus
| Method | GetAuthStatus |
|---|
| Request | GetAuthStatusRequest |
|---|
| Response | GetAuthStatusResponse |
|---|
| Description | Returns the auth status of the API server. Whether or not the backend has authentication enabled.
This is used by clients to make decisions on whether or not they should send access tokens to the API. |
|---|