OAuth2 Authorization Code Grant with PKCE Flow auth.py #1730
dean-taylor
started this conversation in
Ideas
Replies: 1 comment 1 reply
-
At present MONAI Label includes the OAuth2 Resource Owner Credentials Grant (Keycloak - Direct Grant). This discussion is in relation to extending this functionality. Addition of OAuth2 Authorization Code flow with PKCE provides a better security stance, allows the inclusion of MONAI Label into other workflows, can provide a more seamless user experience and would potentially pave the way for this product to find future growth within research initiatives. |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I propose that as a minimal viable product the current industry best practice OAuth2 Authorization Code Grant flow with PKCE be included within the supported authorization for MONAI Label.
Use case: Integrate MONAI Label into a larger suite of applications or workflows maintaining authnz.
In order to provide a good user experience within a supported client base and include functionality to allow appropriate authorization especially in a fields of research that requires a level of security. This requires support of an industry standard SSO to ensure authentication and authorization is managed.
Beta Was this translation helpful? Give feedback.
All reactions