You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At Firmhouse, we'd like to start controlling server configuration via API. For example, we would like to allow our product Airstrip (which is deployed via Intercity) to dynamically add/remove domain names from an application.
Ideally, we create some kind of API for this so that external apps can control certain data attributes of servers or applications managed via Intercity, and that it kicks off the underlying processes and Dokku plugins.
Here's my initial take on this:
We allow for application access tokens to be generated by creating "Applications" via the Intercity admin UI. This allows for easily revoking/regenerating compromised application tokens and in the future setting the scope per application (which servers/apps that specific application has access to).
Then, we use simple HTTP Token/Bearer authentication headers for authenticating an application and setting it's requests. We could use ActionController::API for this.
In terms of API, I'm ok with many flavors where a simple RESTful API comes to mind quickly for ease of implementation and maintenance. If someone is interested in implementing a GraphQL API, that also sounds great.
The text was updated successfully, but these errors were encountered:
At Firmhouse, we'd like to start controlling server configuration via API. For example, we would like to allow our product Airstrip (which is deployed via Intercity) to dynamically add/remove domain names from an application.
Ideally, we create some kind of API for this so that external apps can control certain data attributes of servers or applications managed via Intercity, and that it kicks off the underlying processes and Dokku plugins.
Here's my initial take on this:
We allow for application access tokens to be generated by creating "Applications" via the Intercity admin UI. This allows for easily revoking/regenerating compromised application tokens and in the future setting the scope per application (which servers/apps that specific application has access to).
Then, we use simple HTTP Token/Bearer authentication headers for authenticating an application and setting it's requests. We could use
ActionController::APIfor this.In terms of API, I'm ok with many flavors where a simple RESTful API comes to mind quickly for ease of implementation and maintenance. If someone is interested in implementing a GraphQL API, that also sounds great.
The text was updated successfully, but these errors were encountered: