Allow TeleSign credentials to be configure via ApplicationSetting API (!107553) · Merge requests · GitLab.org / GitLab

Hinam Mehra requested to merge anti-abuse/184-add-telesign-credentials-to-application-setting-api into master Dec 21, 2022

What does this MR do and why?

It is recommended to update credentials on staging/production via the API (https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7039#note_943475313).

Hence, this issue just allows the telesign_customer_xid & telesign_api_key to be set via the /application/setting API. The columns are already added to the ApplicationSetting table & model.

Telesign is an external service we use to verify users' phone numbers.

Screenshots or screen recordings

How to set up and validate locally

Create a Personal Access Token on http://localhost:3000/-/profile/personal_access_tokens
View the application settings values with curl --header "PRIVATE-TOKEN: <TOKEN>" "http://localhost:3000/api/v4/application/settings"
Update the values with curl --request PUT --header "PRIVATE-TOKEN: <TOKEN>" "http://localhost:3000/api/v4/application/settings?telesign_customer_xid=111&telesign_api_key=111

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Resolves https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/184

Edited Dec 21, 2022 by Hinam Mehra

Allow TeleSign credentials to be configure via ApplicationSetting API

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports