Enhanced Agent Security
The agent is a system that has higher privileges in a private infrastructure, the created tasks are processed and executed through an authentication that maps an api key of an organization, however there's no way to guarantee that task is being executed by an authenticated and authorized user session. This requirement may be important to organizations in which requires this sort of enforcement.
The JWT tokens are kept in memory only during the execution of a task, they are never persisted.
- Prevents the execution of tasks without authenticated the user session token
- Enforced with the use of external auth providers (Okta, Auth0, ORY Hydra, etc)
- Slack Tasks / REPL are disabled when this option is set
- Automation of rotating keys is not yet supported
⚠️ Toggling between this feature (JWK_URL=) could be harmful of stale tasks being executed, perform this operation with careful.
Set the enviroment variable
JWK_URL containing the public keys of your auth provider before starting the agent, the supported algorithms are
To enforce authentication using our auth provider: