Description of the limitation and why it is relevant to address
As a developer integrating with the VIKTOR platform, I am currently facing challenges in accessing the platform’s API due to the lack of support for obtaining a bearer token via Single Sign-On (SSO) or alternative authentication methods. This limitation hinders the seamless integration of VIKTOR’s comprehensive tools, as outlined in your documentation (Introduction | VIKTOR Documentation), into our development workflow.
Addressing this limitation is crucial as it would significantly enhance the developer experience by facilitating easier access to the API, thereby unlocking the full potential of VIKTOR’s offerings. This improvement would not only benefit developers by streamlining their workflows but also add value to the end-users by enabling the creation of more robust and integrated solutions on the VIKTOR platform.
Submitter proposed design (optional)
- (I heard this is already considered) Implementing a dual authentication mechanism that supports both SSO and traditional username/password login. This approach would provide flexibility in how developers can authenticate and obtain a bearer token, catering to a wider range of use cases and integration scenarios.
- Introducing a feature to dynamically generate bearer tokens through a dedicated API endpoint or within the VIKTOR platform’s user interface. This solution would allow developers to programmatically obtain tokens as needed, enhancing automation and efficiency in their development processes.
Current workarounds
Currently, the only workaround involves using developer tools to inspect web requests and manually extract the bearer token. However, this method is not only cumbersome but also unreliable due to the short lifespan of the tokens obtained in this manner. Implementing a more streamlined and official method for token generation would greatly improve usability.