Hi Albin,
I'm with David on this. At this point we agreed that the first iteration of four-eyes authorization feature won't be supported in the APIs for security reasons - having such functionality exposed through an API provides an additional point of failure. Also, it kind of defies the whole point of the feature - being accountable for a manual informed approval when four-eyes is enabled. Further on, if we agree internally on the security workflow that would function also for an API in this case and wouldn't contradict the concept of the feature, we will definitely consider covering it.
Best regards,
Oleg
I'm with David on this. At this point we agreed that the first iteration of four-eyes authorization feature won't be supported in the APIs for security reasons - having such functionality exposed through an API provides an additional point of failure. Also, it kind of defies the whole point of the feature - being accountable for a manual informed approval when four-eyes is enabled. Further on, if we agree internally on the security workflow that would function also for an API in this case and wouldn't contradict the concept of the feature, we will definitely consider covering it.
Best regards,
Oleg
Statistics: Posted by oleg.feoktistov — Aug 23, 2024 6:40 pm
