docs: authentication & authorization system design (epic #79) #95

Open
unkinben wants to merge 1 commits from benvin/auth-design-doc into master

1 Commits

Author SHA1 Message Date
unkinben 67cedf9bba docs: design for authentication & authorization system
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/build Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
Add docs/auth.md describing the default-open auth/authz design: service
account and user principals, hashed bearer tokens, a path+capability ACL
model (read/write/delete/create), an observe-only enforcement middleware
gated by AUTH_ENFORCE, Vault mint/revoke integration with a companion
vault-plugin-secrets-artifactapi engine, OIDC/LDAP user login, and a
phased delivery plan.

Refs #79
2026-07-02 00:51:51 +10:00