Limiting API user permissions
Use-case: Using Zitadel as the OIDC auth layer for our app
Environment: Self Hosting on k8s
Version: v2.67.2
Stack: Mostly TS
We implemented token introspection in a backend api and we are using a JWT (Projects -> new api-type project -> new key) to authenticate requests to the introspection endpoint.
Is it possible to limit the permissions of the API project / the JWT to only the introspection endpoint ? Thank you.
Environment: Self Hosting on k8s
Version: v2.67.2
Stack: Mostly TS
We implemented token introspection in a backend api and we are using a JWT (Projects -> new api-type project -> new key) to authenticate requests to the introspection endpoint.
Is it possible to limit the permissions of the API project / the JWT to only the introspection endpoint ? Thank you.
