This repository was archived by the owner on Apr 26, 2024. It is now read-only.
This repository was archived by the owner on Apr 26, 2024. It is now read-only.
Ability to disable /publicRooms and /profile via unauthed CS API while still allowing it over SS #5532
Closed
Description
- add options to require an access_token to GET /profile and /publicRooms on CS API #5083 originally just disabled /publicRooms and /profile via unauthed CS API.
- the PR then evolved to use the same config option to also disable access via SS API.
- This is problematic for deployments which run private federations where the SS API is trusted, which depend on /publicRooms in particular being able to be accessed via SS API, but do not want unauthed access to work on CS API.
- Therefore we need to split the config options in add options to require an access_token to GET /profile and /publicRooms on CS API #5083 to allow for controlling access separately via CS & SS API for this scenario.