onyxia
onyxia copied to clipboard
InseeFrLab
onboarding - add some data on the namespace from the jwt
It could be helpful in the region to allow to specify jwt attributes to be added in the namesapce metadata.
Today onyxia add the owner-label but we could have another metadata like email or any claim chosen by the admin.
Let say for example a region configuration like:
namespaceMetadata: ["username","email"]
Then, at each login the onboarding could check if namespace exists check this label on the namespace and if not present or equals update the label on the namespace.
This label could be useful to communicate to the user.
Let say onboarding also handle some data like onyxia/lastLoginTime we could easily then for the administrator detect namespace not really used and launch an email to ask connection or the space will be deleted.
Hi, we would be very interested in this (some identity data on namespaces). In our case, the mail would be used to alert users when we update some services.
If I'm not mistaken, UI currently does not regularly and reliably call the onboarding endpoint, it only calls it when it determines (based on vault ?) it may be the first time the user uses the app.
So we can populate more details at that time but onboarding endpoint won't let us refresh them.
I think we have multiple options at this point :
- Make the UI call onboarding at each session start regardless of any preconditions (vault ...)
- Add the API logic to the
/user/infoendpoint which is more reliably called - ???
I'm in favor of 1. Any other opinion / idea ?
@olevitt is it implemented ? I guess you can go for the first option even it's not already called regulrly
@olevitt Now the onboarding endpoint is called each new authenticated user session.
https://github.com/InseeFrLab/onyxia/commit/bf8de053c367b20f607f0dd74432702ba19e816a
Work in progress here : InseeFrLab/onyxia-api#429
This PR is now ready for review. Please tell me if that fits your need @alexisdondon @micedre (and others)