Ashwin Bharambe 5b39d5a76a feat(auth, rfc): Add support for Bearer (api_key) Authentication (#1626) ... This PR adds support (or is a proposal for) for supporting API KEY authentication on the Llama Stack server end. `llama-stack-client` already supports accepting an api_key parameter and passes it down through every request as an `Authentication: ` header. Currently, Llama Stack does not propose APIs for handling authentication or authorization for resources of any kind. Given that, and the fact that any deployment will typically have _some_ authentication system present, we simply adopt a delegation mechanism: delegate to an HTTPS endpoint performing key management / authentication. It is configured via: ```yaml server: auth: endpoint: <...> ``` in the run.yaml configuration. ## How It Works When authentication is enabled: 1. Every API request must include an `Authorization: Bearer <token>` header 2. The server will send a _POST_ validation request to the configured endpoint with the following payload: ```json { "api_key": "<token>", "request": { "path": "/api/path", "headers": { "header1": "value1", ... }, "params": { "param1": "value1", ... } } } ``` 3. If the authentication endpoint returns a 200 status code, the request is allowed to proceed 4. If the authentication endpoint returns any other status code, a 401 Unauthorized response is returned ## Test Plan Unit tests		2025-03-18 16:24:18 -07:00
..
integration	feat(agent): support multiple tool groups (#1556)	2025-03-17 22:13:09 -07:00
unit	feat(auth, rfc): Add support for Bearer (api_key) Authentication (#1626)	2025-03-18 16:24:18 -07:00
__init__.py	refactor(test): introduce --stack-config and simplify options (#1404)	2025-03-05 17:02:02 -08:00