Re: Proposal: Role Sandboxing for Secure Impersonation

Wolfgang Walther <walther@technowledgy.de>

From: Wolfgang Walther <walther@technowledgy.de>
To: Michał Kłeczek <michal@kleczek.org>, Eric Hanson <eric@aquameta.com>
Cc: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2024-12-05T08:36:37Z
Lists: pgsql-hackers
Michał Kłeczek:
> PostgREST does not know alice's password as it performs JWT based 
> authentication.

Yes, that's why I proposed an extension to support JWTs in the next 
sentence. Then PostgREST would not need to do any auth at all anymore.

Best,

Wolfgang