Kubeapps token getting stored locally #4805
-
|
I see when i login to kubeapps passing the token, the token is getting stored in the local storage in kubeapps_auth_token. how to avoid this? images are attached for the reference. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @athreyagithub , the token is stored in the local storage, as you pointed out. This is the expected behavior: each time you call a Kubeapps API, this token will be used to authenticate each of these calls. What would you suggest? Also, regarding the source code, it is not an issue at all: every single line of code is public in this repo, I don't think we should offuscate it, no? Or do you have any concerns? Anyway, please note that the token-based authentication is NOT intended for production purposes. The recommended way is using OIDC to handle the authentication: https://github.com/vmware-tanzu/kubeapps/blob/main/site/content/docs/latest/tutorials/using-an-OIDC-provider.md |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the quick reply. regarding source code, i understand, regarding the token getting stored i need to go with OIDC. |
Beta Was this translation helpful? Give feedback.
Hi @athreyagithub ,
the token is stored in the local storage, as you pointed out. This is the expected behavior: each time you call a Kubeapps API, this token will be used to authenticate each of these calls. What would you suggest?
Also, regarding the source code, it is not an issue at all: every single line of code is public in this repo, I don't think we should offuscate it, no? Or do you have any concerns?
Anyway, please note that the token-based authentication is NOT intended for production purposes. The recommended way is using OIDC to handle the authentication: https://github.com/vmware-tanzu/kubeapps/blob/main/site/content/docs/latest/tutorials/using-an-OIDC-provider.md