https://flyte.org logo
#ask-ai
Title
# ask-ai
b

Broder Peters

03/21/2024, 9:44 AM
@Glime Can I limit authenticated users to certain projects or domains?
g

Glime

03/21/2024, 9:45 AM
Based on the provided context, it appears that Flyte does not currently support Role-Based Access Control (RBAC) directly within its system for limiting authenticated users to specific projects or domains. This limitation was explicitly mentioned in a response by Ketan (kumare3) on a discussion thread, where a user inquired about enforcing access controls on a per-project basis. Ketan's response was straightforward: "No RBAC in Flyte." However, for authentication and potentially limiting access at a higher level, Flyte supports integration with OAuth2 and external authorization servers, such as Okta. While OAuth2 scopes are sometimes thought to be a method for limiting access to specific projects or domains, Ketan clarified in another discussion that OAuth2 scopes are not used for this purpose within Flyte. Instead, the authorization server (e.g., Okta) should handle all aspects of authentication and authorization without needing Flyte's built-in authorization server for these specific use cases. Therefore, while Flyte itself does not provide built-in functionality for limiting authenticated users to certain projects or domains through RBAC, it does support integration with external authentication and authorization systems that might offer this capability. Organizations using Flyte are encouraged to configure their identity providers (IdPs) and authorization servers to manage access control according to their needs. --- This is an AI-generated response, take its recommendations with caution. Please help us improve the model accuracy by giving this response a thumbs up/thumbs down reaction. Sources https://discuss.flyte.org/t/2895716/is-there-any-way-to-enforce-access-controls-on-a-per-project/ https://discuss.flyte.org/t/12317140/hi-all-does-oauth2-let-me-limit-what-projects-users-can-read/ https://discuss.flyte.org/t/2427622/hello-flyte-team-do-i-permit-some-specific-users-can-access-/ 👍 button 👎 button
b

Broder Peters

03/21/2024, 9:45 AM
Ahh RBAC was the keyword I was looking for!
4 Views