revert: rename back to docs directory
This commit is contained in:
Timur Gordon
28
docs/supervisor/auth.md
Normal file
28
docs/supervisor/auth.md
Normal file
@@ -0,0 +1,28 @@
|
||||
## Supervisor Authentication
|
||||
|
||||
The supervisor has two authentication systems:
|
||||
|
||||
1. An authentication system based on scoped symmetric API keys.
|
||||
2. An authentication of the signatures of a job's canonical representation.
|
||||
|
||||
The first is used to control access to the supervisor API, the second is used to authenticate the signatories of a job, such that the runners can implement access control based on the signatories.
|
||||
|
||||
#### API Key Management
|
||||
|
||||
API keys are used to authenticate requests to the supervisor. They are created using the `auth.key.create` method and can be listed using the `key.list` method.
|
||||
|
||||
#### API Key Scopes
|
||||
|
||||
API keys have a scope that determines what actions they can perform. The following scopes are available:
|
||||
|
||||
- `admin`: Full access to all supervisor methods.
|
||||
- `registrar`: Access to methods related to job registration and management.
|
||||
- `user`: Access to methods related to job execution and management.
|
||||
|
||||
#### API Key Usage
|
||||
|
||||
API keys are passed as a header in the `Authorization` field of the request. The format is `Bearer <key>`.
|
||||
|
||||
#### API Key Rotation
|
||||
|
||||
API keys can be rotated using the `key.remove` method. This will invalidate the old key and create a new one.
|
||||
Reference in New Issue
Block a user