Expand description
Multi-tenant mint authorization. When one hackamore serves more than one trust domain, a tenant authenticates to the mint endpoint and may only mint tokens scoped to the targets it owns. Without this, any caller could submit a policy naming another tenant’s target and launder its credential.
Single-trust-domain deployments leave this registry empty, and minting is open (the mint endpoint is the operator’s own surface).
Structs§
- Tenants
- Maps a tenant credential (an opaque key the operator issues) to the set of service instance names that tenant owns.