by jcmartinezdev
130 days ago
There are multiple ways: you can use known authorization methods like RBAC or, if you want something fancier, ReBAC (tools like OpenFGA, https://openfga.dev). But there's only so much that you can do with that; if you need to call third-party APIs on the user's behalf, I'd recommend going with a solution revolving around custom token exchange (https://datatracker.ietf.org/doc/html/rfc8693). You can check something like what Auth0 offers: https://auth0.com/ai, which would cover things like token exchange for third-party APIs, human in the loop, and also authorization methods.