You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
MXCP issues its own access token containing a set of MXCP-defined scopes, and validates those scopes before executing a tool.
For example, a tool that performs database writes would require the mxcp:db:write scope before running.
Not all users should be able to obtain that scope when connecting. For instance, only designated administrator users should receive tokens including mxcp:db:write. This implies the existence of a role and policy management component that maps users (or user roles) to the scopes they are authorized to receive. As a result, each user’s token only contains the scopes that correspond to their permissions, ensuring they cannot gain more privileges than allowed.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
MXCP issues its own access token containing a set of MXCP-defined scopes, and validates those scopes before executing a tool.
For example, a tool that performs database writes would require the
mxcp:db:writescope before running.Not all users should be able to obtain that scope when connecting. For instance, only designated administrator users should receive tokens including
mxcp:db:write. This implies the existence of a role and policy management component that maps users (or user roles) to the scopes they are authorized to receive. As a result, each user’s token only contains the scopes that correspond to their permissions, ensuring they cannot gain more privileges than allowed.Beta Was this translation helpful? Give feedback.
All reactions