stela ops usage fixes roles propagation and timoeut, one account to support multi tenants, migrations consolidation, search to support documentation, doctor and open api vector db search
This commit is contained in:
master
@@ -215,6 +215,14 @@ Client credentials flow with collected scopes (only if endpoints have claims):
|
||||
|
||||
Scopes are automatically collected from all connected services. If multiple endpoints require the same claim, it appears only once in the scopes list.
|
||||
|
||||
### Legacy HELLO Compatibility
|
||||
|
||||
`x-stellaops-gateway-auth.requiresAuthentication` is emitted from the Gateway's effective authorization semantics, not only the raw endpoint flag.
|
||||
|
||||
- If a microservice HELLO payload comes from an older router-common contract that does not include `requiresAuthentication`, the Gateway fails closed.
|
||||
- For `allowAnonymous: false` endpoints with no explicit auth flag, the Gateway treats the route as authenticated-only.
|
||||
- Public routes must be explicitly marked `AllowAnonymous` in the microservice to avoid accidental protection.
|
||||
|
||||
---
|
||||
|
||||
## Generated Document Structure
|
||||
|
||||
Reference in New Issue
Block a user