lxc/incus
1
0
Fork 0
mirror of https://github.com/lxc/incus.git synced 2026-02-05 09:46:19 +01:00
Code Issues Releases Activity

doc/openfga: Clarify required config keys

Browse Source 
Signed-off-by: Stéphane Graber <stgraber@stgraber.org>
Suggested-by: Tim Beermann <tibeer@berryit.de>
This commit is contained in:
Stéphane Graber
2025-12-19 06:24:49 -05:00
parent 464b423174
commit e6b52d69da
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/authorization.md
View File

@@ -31,9 +31,11 @@ This authorization method is highly granular.
For example, it can be used to restrict user access to a single instance.
To use OpenFGA for authorization, you must configure and run an OpenFGA server yourself.
To enable this authorization method in Incus, set the [`openfga.*`](server-options-openfga) server configuration options.
Incus will connect to the OpenFGA server, write the {ref}`openfga-model`, and query this server for authorization for all subsequent requests.
To enable this authorization method in Incus, set the [`openfga.*`](server-options-openfga) server configuration options.
Both `openfga.api.url` and `openfga.api.token` must be set in order to enable OpenFGA. `openfga.store.id` is optional, Incus will generate a new store if not specified.
(openfga-model)=
### OpenFGA model