mcvsphere

MCP/mcvsphere

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ryan Malloy	ab83c70c31	docs: update OAuth/RBAC architecture documentation Rewrites the architecture doc from design proposal to implementation reference. Documents the complete RBAC system including: - 5 permission levels (READ_ONLY → FULL_ADMIN) - 5 OAuth groups with permission mappings - RBACMiddleware implementation details - Audit log format with user identity - Configuration environment variables - OIDC provider setup (Authentik example) - Troubleshooting guide for common issues Updates implementation checklist to reflect completed status.	2025-12-27 08:22:02 -07:00
Ryan Malloy	f843a8a161	add OAuth architecture design document - Service Account + OAuth Audit model for vCenter integration - Authentik as OIDC provider with JWT validation - Permission escalation based on OAuth groups - Credential broker pattern for user mapping - Implementation checklist and environment variables	2025-12-27 00:53:24 -07:00

Author

SHA1

Message

Date

Ryan Malloy

ab83c70c31

docs: update OAuth/RBAC architecture documentation

Rewrites the architecture doc from design proposal to implementation
reference. Documents the complete RBAC system including:

- 5 permission levels (READ_ONLY → FULL_ADMIN)
- 5 OAuth groups with permission mappings
- RBACMiddleware implementation details
- Audit log format with user identity
- Configuration environment variables
- OIDC provider setup (Authentik example)
- Troubleshooting guide for common issues

Updates implementation checklist to reflect completed status.

2025-12-27 08:22:02 -07:00

Ryan Malloy

f843a8a161

add OAuth architecture design document

- Service Account + OAuth Audit model for vCenter integration
- Authentik as OIDC provider with JWT validation
- Permission escalation based on OAuth groups
- Credential broker pattern for user mapping
- Implementation checklist and environment variables

2025-12-27 00:53:24 -07:00

2 Commits