codeant-ai-for-open-source[bot] commented on PR #37973:
URL: https://github.com/apache/superset/pull/37973#issuecomment-4055222834
## **Sequence Diagram**
This PR adds API key support end to end: users can manage keys from the User
Info page, and those keys are then accepted for authenticated access to
protected APIs. The core change is delegating key validation and RBAC checks to
FAB SecurityManager so existing protected endpoints work without per view
changes.
```mermaid
sequenceDiagram
participant User
participant UserInfoPage
participant SupersetBackend
participant FABSecurityManager
participant ClientScript
participant ProtectedAPI
User->>UserInfoPage: Open profile with API keys enabled
UserInfoPage->>SupersetBackend: List existing API keys
User->>UserInfoPage: Create new API key
UserInfoPage->>SupersetBackend: Submit create API key request
SupersetBackend->>FABSecurityManager: Create key record and hash
FABSecurityManager-->>UserInfoPage: Return one time API key
ClientScript->>ProtectedAPI: Call endpoint with bearer API key
ProtectedAPI->>FABSecurityManager: Validate key and load user permissions
FABSecurityManager-->>ProtectedAPI: Authenticated user with RBAC context
ProtectedAPI-->>ClientScript: Authorized API response
```
---
*Generated by [CodeAnt AI](https://codeant.ai)*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
