-
Notifications
You must be signed in to change notification settings - Fork 188
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: rewrite Operate API auth guide #4138
Conversation
👋 🤖 ✅ Looks like the changes were ported across versions, nice job! 🎉 You can read more about the versioning within our docs in our documentation guidelines. |
@pepopowitz can you bring someone in from the Operate team via #ask-operate to review this PR as well? |
|
||
### Authentication via cookie | ||
## Authentication via cookie (Self-Managed only) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❓ This is the only API that has docs about cookie auth, which feels suspicious.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My assumption is that this exists for a reason, but I've started a conversation at https://camunda.slack.com/archives/C9B5270DA/p1724352947450009 to hopefully get more clarity.
|
||
1. [Create client credentials](/guides/setup-client-connection-credentials.md) in the **Clusters > Cluster name > API** tab of [Camunda Console](https://console.camunda.io/). | ||
2. Add permissions to this client for **Operate**. | ||
3. Upon creating the client, capture the following values required to generate a token: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NBC: "When" instead of "upon"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually changed this from when to upon, because it felt wrong. You see the values as soon as you're done creating the client, not while you're doing it. I didn't like "after," because it implies that you can go back and get the values later (which you can't do).
Is there a different word to use here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Once"[you have created...] implies straight after
"After" has less emphasis on it being straight after
"When" implies during the process
I guess then it should be after or once, but once is a hurdle in translation as it can also mean numerically. So perhaps we can use "Once" for now, and if translation becomes a thing, we know to revisit this phrasing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So it could be: Once you have created the client, capture...
| Audience | | `operate.camunda.io` | | ||
| Operate REST Address | `CAMUNDA_OPERATE_BASE_URL` | - | | ||
<!-- this comment convinces the markdown processor to still treat the table as a table, but without adding surrounding paragraphs. 🤷 --> | ||
:::tip |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NBC: Should this be a caution instead of a tip as it is quite important as they cannot get the secret again if they don't copy it now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't feel strongly either way about this; if you do, let me know and I'll adjust.
<TabItem value='saas'> | ||
|
||
:::tip | ||
The URL of the Operate REST API, represented below by the `${CAMUNDA_OPERATE_BASE_URL}` variable, can be captured when creating an API client. It can also be constructed as `https://${REGION}.operate.camunda.io/${CLUSTER_ID}`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NBC: Change passive voice > active voice
You can capture the URL of the Operate REST API when creating an API client. This is represented below....variable. It can...
An easy way to see if you are using passive voice is to see if you can insert "by zombies" and it still makes grammatical sense. For example:
can be captured (by zombies) = passive voice
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great job @pepopowitz looks really good - concise and clean!
I've left some non-blocking suggestions that you might feel helps, at your discretion if you think they are worth acting on, as some of them are for more of a wider discussion (e.g. using gerunds in headings).
I haven't explicitly approved as I believe an Operate team member needs to perform a review as well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mesellings Has left a detailed review, largely for active/passive voice, but beyond that, I think this looks great! 👍
This PR is ready for a final review, with all required feedback addressed, and backported to v8.5. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The cleanup here looks fab! Thank you for opening up the conversation about cookie auth. Since that is an ongoing discussion, I wouldn't consider that blocking for this PR.
Description
Part of #4117.
Rewrites the Operate API Auth guide to align with the specs defined in #4117.
Once approved, I will backport to the current version of the docs also.
SaaS
Self-Managed
Using a token/etc
When should this change go live?
hold
label or convert to draft PR)PR Checklist
/versioned_docs
directory./docs
directory (aka/next/
).