flyrain commented on issue #464: URL: https://github.com/apache/iceberg-python/issues/464#issuecomment-1960559522
That's definitely true. That's actually what id token and access token are designed for. In that case, the authorization and authentication are separated calls. 1. Client sends id tokens and resource to the authorization server to get access token. 2. Client sends access tokens to access a resource. However, in reality, it is also common that a resource server(e.g., rest catalog) want to handle authorization and authentication in a single call, so that id token will be used for that case. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For additional commands, e-mail: issues-h...@iceberg.apache.org
