Skip to content

properly fix patching /credentials sub-paths #4279

New issue
New issue
Closed as not planned
#4393
Closed as not planned
properly fix patching /credentials sub-paths#4279
#4393
Labels
staleFeedback from one or more authors is required to proceed.
@hperl

Description

@hperl
hperl
opened on Jan 28, 2025

Ideally, for both create, patch, and PUT operations, the following should be implemented with proper
validation:

  1. Passwords:

    • Set or change passwords (with validation ensuring the hash or plaintext password is correct).
    • Delete passwords.

  2. OIDC:

    • Set or change OIDC subject and provider.
    • Delete OIDC subject and provider.

  3. WebAuthn and Passkey Credentials:

    • Set, change, or delete WebAuthn and passkey credentials (e.g., to import passkey users).

  4. Code Credentials:

    • Activate or deactivate code credentials.

  5. TOTP:

    • Set, change, or delete TOTP configurations.

  6. Lookup Secrets:

    • Set, change, or delete lookup secrets.

Restrictions:
What should not be allowed is:

  • Adding arbitrary keys to the config object.
  • Changing identifiers that are typically set by the system.
  • Modifying keys that should only be set by the system.

Originally posted by @aeneasr in #4277 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    staleFeedback from one or more authors is required to proceed.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions