Flipt
[discourse] Restrict access to feature flags per teamS? #4335
-
|
Originally posted by dancer1325 on Discourse Hello dear community!!
|
Beta Was this translation helpful? Give feedback.
Replies: 4 comments
-
|
I couldn't find any documentation or code in Flipt that supports restricting access to feature flags based on roles, teams, or similar entities. There are no references to role-based access control (RBAC) or team-based permissions for feature flags in the available docs, issues, or SDKs. If you need fine-grained access control per team or role, it doesn't appear to be natively supported at this time. If you have a specific workflow or integration in mind, let me know and I can help look for possible workarounds or alternatives. To reply, just mention @dosu. How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other |
Beta Was this translation helpful? Give feedback.
-
|
Reply from mark on Discourse: Hey @dancer1325 ! Great question! We support authorization using Open Policy Agent / Rego, which is an extremely configurable authz engine what uses policies defined by the user/operator to authorize requests. We do currently allow you to specify which GitHub teams a user must belong to for authentication, however, we don’t currently expose that information to the Authz policy engine to also allow you to make authz decisions based on the user’s GitHub team. I will create an issue on Flipt Open Source repo to add support for passing GitHub team membership to the authz policy engine, as well as provide examples on how to configure all this for your use case. We could likely make this generic so that any external authentication provider can provide its own metadata that the person configuring the Flipt policy can use to build out their policy. |
Beta Was this translation helpful? Give feedback.
-
|
Reply from mark on Discourse: I created the issue here: [FLI-1258] Allow passing GitHub 'claims'/metadata to Authz · Issue #3435 · flipt-io/flipt · GitHub Please feel free to add any additional context/requests there |
Beta Was this translation helpful? Give feedback.
-
|
Reply from dancer1325 on Discourse: Hey @mark , thank you for so fast reply. I have checked the issue and you comprehend my problem, yep. I will follow it, and in case of suggestions, I will share with you Thanks, again |
Beta Was this translation helpful? Give feedback.
Reply from dancer1325 on Discourse:
Hey @mark ,
thank you for so fast reply. I have checked the issue and you comprehend my problem, yep. I will follow it, and in case of suggestions, I will share with you
Thanks, again