Describe the problem to be solved
When I write automation against Grist, I'd like to let machine authenticate and get access to shared documents. Currently, machines are authenticated via the proxy of user accounts. This prevent separating automation and user accounts cleanly, for security and audit reasons.
Describe the solution you would like
I'd like to let machines authenticate to Grist using TLS client certificates (or JWT if you have weird firewalls) and configure Grist to accept a certain CA and map parameters of the certificate (let's say the CN) to put said machine user into a group or something and get access to new documents.
From there, these machines would go and acquire API tokens to fulfill their automation role.
Describe the problem to be solved
When I write automation against Grist, I'd like to let machine authenticate and get access to shared documents. Currently, machines are authenticated via the proxy of user accounts. This prevent separating automation and user accounts cleanly, for security and audit reasons.
Describe the solution you would like
I'd like to let machines authenticate to Grist using TLS client certificates (or JWT if you have weird firewalls) and configure Grist to accept a certain CA and map parameters of the certificate (let's say the
CN) to put said machine user into a group or something and get access to new documents.From there, these machines would go and acquire API tokens to fulfill their automation role.