codeant-ai-for-open-source[bot] commented on PR #37973:
URL: https://github.com/apache/superset/pull/37973#issuecomment-4054576616
## **Sequence Diagram**
This PR adds API key management in the user profile and routes API key
authentication through FAB SecurityManager so protected Superset APIs can be
accessed programmatically. The core flow is key creation in UI followed by
bearer key validation and RBAC enforcement on API requests.
```mermaid
sequenceDiagram
participant User
participant UserInfoPage
participant SecurityAPI
participant Automation
participant SupersetAPI
participant FABSecurityManager
User->>UserInfoPage: Open API Keys section
UserInfoPage->>SecurityAPI: List create and revoke API keys
SecurityAPI-->>UserInfoPage: Return key metadata and new key once
Automation->>SupersetAPI: Call protected endpoint with bearer API key
SupersetAPI->>FABSecurityManager: Validate API key and check access
FABSecurityManager-->>SupersetAPI: Return authenticated user context
SupersetAPI-->>Automation: Return authorized API response
```
---
*Generated by [CodeAnt AI](https://codeant.ai)*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
