Details

    • Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 5.5.1
    • Fix Version/s: None
    • Component/s: REST API
    • Labels:
      None

      Description

      Currently the /api/security/users/:user only accepts requests from admin users. However, many use cases exists for non-admins to verify information about themselves. Our primary use case is related to a wrapper API around Artifactory. We want a user interacting with out API to provide us with basic authentication and we pass that information to Artifactory to validate that the credentials are valid within LDAP and that the user exists in Artifactory. Our current workaround is to use a different endpoint to validate credentials.

      The expected behavior would look like:

      User joe would be allowed to hit /api/security/users/joe, but joe would get forbidden when trying to hit /api/security/users/sam.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jordan.sussman Jordan Sussman
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: