am1
1
I was trying to evaluate possibility custom RBAC implementation using gRPC plugin. I couldn’t get access to http method in the plugin.
The need is to authorize the request for a resource + verb (/some_resource + GET) for a given role.
Is there a way to access to HTTP method in the plugin?
Or should this need be achieved in any other way? (i.e. not via custom plugin)
matiasb
2
Hi @am1, the HTTP verb isn’t currently exposed to gRPC plugins. You may create a feature request.
The buit-in Tyk policies allow you to filter out requests based on the HTTP verb + request path, see here.
Best.
1 Like
am1
3
I have submitted feature request.
The policies option seems not sufficient for RBAC feature. Or seems cryptic to define for large set of resources.