fix(auth): resolve JWT InvalidSignatureError and improve frontend UX
Some checks failed
CI / lint-and-test (push) Has been cancelled
Some checks failed
CI / lint-and-test (push) Has been cancelled
- Fix auth by using idToken fallback when accessToken audience mismatches - Add PyJWT verification with audience-aware token selection in frontend - Source health: track last_attempt_time and error status per source - Frontend: fix modal outside x-data scope, add circular-safe JSON stringify - Frontend: support multi-select service filter with All/None toggles - Frontend: improve filter layout into organized rows - Frontend: fix text overflow and result pill colors (success/succeeded) - Intune: normalize application actors (auditActorType=Application) - Add cache-control middleware for HTML/API responses - Update tests for multi-service filtering and source health
This commit is contained in:
@@ -6,7 +6,10 @@ FETCH_INTERVAL_MINUTES=60
|
||||
AUTH_ENABLED=false
|
||||
AUTH_TENANT_ID=your-tenant-id
|
||||
AUTH_CLIENT_ID=your-api-client-id
|
||||
# Optional scope for SPA login (e.g., api://<client-id>/access_as_user)
|
||||
# API scope the SPA should request at login.
|
||||
# When set, the frontend acquires an access token for this scope (aud = AUTH_CLIENT_ID).
|
||||
# When empty, the frontend falls back to the idToken, which is also valid for the backend.
|
||||
# Example: api://cc31fd45-1eca-431f-a2c6-ba81cd4c5d50/.default
|
||||
AUTH_SCOPE=
|
||||
# Comma-separated lists (optional):
|
||||
AUTH_ALLOWED_ROLES=
|
||||
|
||||
Reference in New Issue
Block a user