-
Notifications
You must be signed in to change notification settings - Fork 1.1k
feat: Support client-credentials & static token for OIDC client… #5514
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Support client-credentials & static token for OIDC client… #5514
Conversation
14fd0c4
to
e257c22
Compare
The checks are failing, observed that approving the PR. Please do check @allenov ! |
e257c22
to
e833ca6
Compare
fix lint. @jyejare awaiting approval |
@allenov The commit is not signed which is mandatory in checks. Please do the need. |
… auth Signed-off-by: allenov <allenov@webshark34.ru>
… auth Signed-off-by: allenov <allenov@webshark34.ru>
e72513b
to
427f56a
Compare
@jyejare howe to fix this? pr-integration-tests / integration-test-python (3.11, ubuntu-latest) |
Signed-off-by: allenov <allenov@webshark34.ru>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
Pull Request — Add Client-Credentials & Static-Token support to Feast OIDC client auth
Motivation
Feast ≤ 0.50 supports only one client-side OIDC flow:
No other files touched.
Usage Examples
🔄 Compatibility
No breaking changes: existing ROPG configs keep working.
Works on Pydantic v1 & v2 (validator shim).
No server-side changes required.
TL;DR
This PR upgrades Feast OIDC client auth from 1 → 3 usable flows:
static
token
(no round-trip),client_credentials (
client_secret
),ROPG (legacy).
It tightens validation, keeps full backward compatibility, and works out
of the box on both Pydantic major versions.