Hi Christian
Nice document, thanks !
Definitely a great idea to "document" the OAuth2 flow. My only comment
is that we should document the client side (what you are doing great
in the doc), but also the server side (it might help to understand the
full picture).
I propose to have a group effort o
Thank you for your Feedback everyone!
It would be great if we could get some more eyes from the community on the
server-side token exchange section at the bottom of the Document. Are we aware
of any OAuth2 secured implementations that provide tokens from the resource
server to the client apart
sync.
>
>
>
> [1]
> https://docs.google.com/document/d/1buW9PCNoHPeP7Br5_vZRTU-_3TExwLx6bs075gi94xc/edit?usp=sharing
>
> [2] https://github.com/apache/iceberg/issues/11286
>
>
>
>
>
>
>
> *From: *Yufei Gu
> *Date: *Saturday, 12. October 2024 at 12:30
> *To: *dev@ic
]
https://docs.google.com/document/d/1buW9PCNoHPeP7Br5_vZRTU-_3TExwLx6bs075gi94xc/edit?usp=sharing
[2] https://github.com/apache/iceberg/issues/11286
From: Yufei Gu
Date: Saturday, 12. October 2024 at 12:30
To: dev@iceberg.apache.org
Subject: Re: [DISCUSS] REST: OAuth2 Authentication Guide
Thanks Christian. Nice write-up! Authentication is essential to a
production env. It's great to document it well given a lot of people don't
necessarily have enough OAthen2 knowledge. Looking forward to the doc PRs
and other client side changes.
Yufei
On Wed, Sep 18, 2024 at 8:31 AM Dmitri Bourl
Hi Christian,
Very nice proposal. Thanks for putting it together! I added some comments
to the doc.
I think it is related to PR #10753 [4], which proposes some foundational
refactoring to the java REST client to enable further enhancements in
OAuth2 flows.
Cheers,
Dmitri.
[4] https://github.com
Dear everyone,
the Iceberg REST specification allows for different ways of Authentication,
OAuth2 is one of them. Until recently the OAuth2 /token endpoint was part of
the REST-spec together with datatypes required for the client-credential flow.
Both have since been removed from the spec for s
