Provide an idea you would like to see in the tool?
To avoid each member of a team having to have a set of connections to different instances configured, it would be very helpful to be able to configure a URL of an API which can return a list of connections. This API could be authenticated via OAuth, both to protect access to it and also to allow it to dynamically filter the list of connections depending on the identity of the user requesting it. This list would contain only the basic details of the connection to allow it to be identified by the user, and not any of the authentication information such as client id/secret.
After selecting a connection from the list to connect to, a separate API call would be made to retrieve the required authentication details. The API could then display some more UI to prompt for more information, e.g. a data access request to justify why the user requires access to this connection. The API would then return the information required for PPTB to authenticate the connection. This could be just an access token so that the client id/secret is never exposed to the user.
This system allows a central list of connections to be managed within an organization without having to share secrets with each user, which would then need to be rotated when a staff member leaves. It also allows the API to maintain an audit trail of when each user accessed each instance.
Relevant log output
Provide an idea you would like to see in the tool?
To avoid each member of a team having to have a set of connections to different instances configured, it would be very helpful to be able to configure a URL of an API which can return a list of connections. This API could be authenticated via OAuth, both to protect access to it and also to allow it to dynamically filter the list of connections depending on the identity of the user requesting it. This list would contain only the basic details of the connection to allow it to be identified by the user, and not any of the authentication information such as client id/secret.
After selecting a connection from the list to connect to, a separate API call would be made to retrieve the required authentication details. The API could then display some more UI to prompt for more information, e.g. a data access request to justify why the user requires access to this connection. The API would then return the information required for PPTB to authenticate the connection. This could be just an access token so that the client id/secret is never exposed to the user.
This system allows a central list of connections to be managed within an organization without having to share secrets with each user, which would then need to be rotated when a staff member leaves. It also allows the API to maintain an audit trail of when each user accessed each instance.
Relevant log output