Authentication: Create endpoint to issue access tokens for Code Suggestions
🧩 Problems to solve
Users of Web IDE need to use their current login session to request access to Code Suggestions feature. We need to create a new GitLab API endpoint to provide this facility.
💡 Solutions
POST /api/v4/code_suggestions/tokens
The access token is:
- A JWT Web Secret (JWS) token
- Valid for
1
hour - Signed using OIDC private key
- Can be verified using OIDC public key via
https://gitlab.com/oauth/discovery/keys
👣 Implementation order
- (This) GitLab API endpoint to issue token - #404427 (closed)
- Model Gateway authentication with JWT token - gitlab-org/modelops/applied-ml/code-suggestions/ai-assist#56 (closed)
- Authenticate Web IDE to Model Gateway - gitlab-web-ide#140 (closed)
📔 References
- Solution validation issue - gitlab-web-ide#141 (closed)
Edited by Tan Le