Map out challenges related to access management and caching in Auth #2963
Assignees
Labels
kind/analysis
status/draft
Status: When you create an issue before you have enough info to properly describe the issue.
status/triage
Comments
cammiida
added
kind/analysis
status/draft
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
User authorization is cached for 10 minutes today. That means that if a user is delegated access to a form and has logged in within the last 10 minutes, the user will be met with a "you do not have access" when opening the form in question. This is most prominent when testing, but can also apply to eager users that is currently "working in Altinn".
Does this also apply to the person instantiating the form? Let's say that person has write, but not sign from
policy.xml, but then delegates sign rights to themself. What happens?In scope
No response
Out of scope
No response
Additional Information
No response
Analysis
No response
Conclusion
No response
The text was updated successfully, but these errors were encountered: