Rethink permission requirements for Admin API DescribeCluster endpoint
Closed this issue · 3 comments
mantas-sidlauskas commented
Context
Cadence WEB is using `admin.DescribeCluster` API call to check if advanced visibility options are available for a cluster.
All `admin.*` calls require `admin` level token when OAuth is enabled. This makes WEB unusable for a user who has only "read" level access to specific domain(s).
There are multiple options how to resolve this issue:
- Change `DescribeCluster` to require read level, you can't change anything anyway
- Move this endpoint to "Frontend" API, change WEB to request Frontend API
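A sketch of the first option listed in the comment above, as an added example that is not Cadence's own code: `admin.DescribeCluster` is carved out as a read-only exception while every other `admin.*` call stays admin-only. The token shape, the level names, the rule that read access on any domain is enough for a cluster-scoped call, and every method name other than `admin.DescribeCluster` are assumptions made for illustration.

```go
package main

import "fmt"
import "strings"

// Level is an ordered permission level; a higher level implies the lower ones.
type Level int

const (
	Read Level = iota + 1
	Write
	Admin
)

// Token is a hypothetical decoded OAuth token (an assumption, not Cadence's
// claims format): a cluster-wide admin flag plus per-domain levels.
type Token struct {
	ClusterAdmin bool
	Domains      map[string]Level
}

// readOnlyClusterCalls lists admin methods that only report cluster state.
// An exact name here wins over the "admin." prefix rule in Authorize.
var readOnlyClusterCalls = map[string]bool{"admin.DescribeCluster": true}

// Authorize reports whether tok may call method, scoped to domain if non-empty.
func Authorize(tok Token, method, domain string, need Level) bool {
	switch {
	case tok.ClusterAdmin:
		return true
	case readOnlyClusterCalls[method]:
		// Cluster-scoped and read-only: Read or above on any domain suffices.
		for _, l := range tok.Domains {
			if l >= Read {
				return true
			}
		}
		return false
	case strings.HasPrefix(method, "admin."):
		return false // every other admin call stays admin-only
	default:
		return tok.Domains[domain] >= need
	}
}

func main() {
	reader := Token{Domains: map[string]Level{"payments": Read}} // constructed
	fmt.Println(Authorize(reader, "admin.DescribeCluster", "", Read))
	fmt.Println(Authorize(reader, "admin.OtherCall", "", Read))
}
```

A token with no domain grants at all is still refused, so the exception does not turn the endpoint into an unauthenticated one.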
d-vignesh commented
Hi @demirkayaender, does this require a backend or frontend change? If backend, I would like to work on this. Can you please provide some context on what the required changes are here?
osho-20 commented
Would like to work on this.
mantas-sidlauskas commented