Possible to use JWT with access to only one user's content?
I have an existing managed user (with a login/password) that I would like to programmatically upload/modify content for...but only for this user account, not for any other user accounts in the enterprise. Is this possible with the OAuth2 JWT approach? It appears the JWT approach would allow other engineers to "impersonate" any other user with the supplied secrets/RSA key that is required for the JWT implementation.
Please sign in to leave a comment.
Comments
0 comments