Deprecate AuthZ in Kv2

Description

EPIC:
We need to validate token in one filter, the existing Kv2v2 filter, then call a filter to gather more tenants, then call Authorization to do an authZ check in a new filter. (tenant check, ep check, exclusions check - ignore roles)

Acceptance Criteria:

  • Documentation exists to treat Kv2v2 filter as AuthN only.

  • Config exists to set tenanted to false

  • We will note deprecation so that in v9 of Repose, the AuthZ bits will be handled in a new AuthZ filter (the way it was a year or so ago).

  • We will log when someone's using the AuthZ portions? Warn on config update...

  • Behavior for non tenanted -

Environment

None

Status

Assignee

Unassigned

Reporter

Kari Davis

Labels

None

External issue ID

None

CoAssignee

None

Capitalizable

True

Story Points

2

Epic Link

Priority

High
Configure