Skip to content

Add admin endpoints to manage OAuth providers at runtime #62

Description

@Bccorb

Context

Surfaced during a usability/extensibility survey.

OAuth providers live in system_config as JSON (oauth_providers, seeded from OAUTH_PROVIDERS). Adding or updating a provider requires editing the DB row (or env + reseed); there is no REST admin surface for it, unlike other admin operations. Provider client secrets correctly stay in env vars referenced by clientSecretEnv.

Suggested work

  • Add admin-scoped endpoints to list / add / update / disable OAuth providers, validated against OAuthProviderConfigSchema (src/schemas/systemConfig.schema.ts).
  • Invalidate the system-config cache after writes (see getSystemConfig.ts).
  • Keep client secrets out of the API surface (continue referencing clientSecretEnv; never accept or return raw secrets).

Acceptance

  • Admin can manage providers via the API without hand-editing system_config, with tests and OpenAPI coverage.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions