Add internal API endpoints for authorized SSH certificates
Overview
More information about the motivation in epic: &11192 (closed)
Proposal
The /authorized_certs
API endpoint should be added in order to respond which namespace a particular user has access to via specified certificate.
The /allowed
endpoint should accept namespace_path
param that contains the namespace a user has access to. It should be verified whether the namespace_path
is an ancestor of the passed project
- PoC of the whole functionality: Draft: Support uploading CA files to a group (!126741 - closed). The internal
/authorized_certs
and/allowed
logic modifications can be extracted from there. - Gitlab Shell MR that uses the endpoint: Support authentication using SSH Certificates (gitlab-shell!812 - merged)
Edited by Igor Drozdov