Hey All, Post this spec change [1] server can now send back vended creds to the client but like other routes LoadTable and CreateTable there is no way for a client to specify that it needs vended creds ? Since creds are optional return server has option to not return creds if it thinks is not feasible for example if storage doesn't support sts.
But IMHO its would be nice to still expect this header from client for the following reasons : 1. What if the client wants to use its own storage creds (for lets say audit for s3 access logs), server sends back vended creds, client can choose not to use it. 2. Consistency with other endpoints which supports cred vending. Server can still choose not to return any thing because of this language in spec [2] : *The server may choose to supply access via any or none of the requested mechanism* Please let me know your thoughts considering above, i have proactively put out ot a spec change for the same.[3] [1] https://github.com/apache/iceberg/pull/14563 [2] https://github.com/apache/iceberg/blob/fc434997fbc63a3f1f47481c0878073b1ccf6359/open-api/rest-catalog-open-api.yaml#L1886-L1887 [3] https://github.com/apache/iceberg/pull/14781 Best, Prashant Singh
