Skip to content

UID2-7271: add CREATE role to Role enum#622

Open
sophia-chen-ttd wants to merge 5 commits into
mainfrom
sch-UID2-7271-add-claude-access-role-to-admin
Open

UID2-7271: add CREATE role to Role enum#622
sophia-chen-ttd wants to merge 5 commits into
mainfrom
sch-UID2-7271-add-claude-access-role-to-admin

Conversation

@sophia-chen-ttd

@sophia-chen-ttd sophia-chen-ttd commented Jun 16, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Summary

Adds new machine-client roles to the Role enum for Claude automation in uid2-admin:

  • CREATE — maps to Okta scope uid2.admin.create; grants access to the following add endpoints:
    • POST /api/site/add
    • POST /api/client/add
    • POST /api/operator/add
    • POST /api/service_link/add
    • POST /api/client_side_keypairs/add
    • POST /api/partner_config/add

Dependency

uid2-admin PR IABTechLab/uid2-admin#653 consumes these roles via OktaCustomScope and must wait for this to be merged and a new snapshot published.

@sophia-chen-ttd @claude
UID2-7271: add CREATE role for Claude admin automation
3741a80 
Adds a CREATE role mapped to the uid2.admin.create Okta scope, giving
Claude automation apps write access to add endpoints (site, client key,
operator key, service link, CSTG keypair) without full MAINTAINER access.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@sophia-chen-ttd sophia-chen-ttd mentioned this pull request Jun 16, 2026
Open
@sophia-chen-ttd sophia-chen-ttd changed the title UID2-7271: add READ_ONLY and CREATE roles to Role enum UID2-7271: add CREATE role to Role enum Jun 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sophia-chen-ttd