Skip to content

Commit 022b6a6

Browse files
committed
Updating documentation to reflect this option now being an opt-in
1 parent d4c322d commit 022b6a6

1 file changed

Lines changed: 8 additions & 5 deletions

File tree

docs/getting-started/backstage.md

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -156,19 +156,22 @@ backend.add(import('@pagerduty/backstage-plugin-backend'));
156156
157157
```
158158

159-
## Configure Backstage Backend API Authorization
159+
## Disable Backstage Backend API Authorization
160160

161-
By default, this plugin will allow any unauthenticated user to make calls using your PagerDuty API token.
161+
This option is available as a way to maintain backwards compatibility, and should not be used in situations where your
162+
Backstage instance is accessible from outside of a trusted network - Or ideally, at all.
162163

163-
You should consider carefully if this is appropriate in your production environment.
164+
Access to a Backstage plugin's routes is restricted by use of a Bearer authorization token, which is typically issued
165+
after successfully signing in to Backstage.
164166

165-
To disable this behaviour, you can set `pagerDuty.disableUnauthenticatedAccess` to true.
167+
Previous versions of this plugin had this behaviour disabled. Restoring this previous behaviour is now opt-in, and can
168+
be achieved by setting `pagerduty.enableUnauthenticatedAccess` to `true`.
166169

167170
Example `app-config.yaml` excerpt:
168171

169172
```yaml
170173
pagerduty:
171-
disableUnauthenticatedAccess: true
174+
enableUnauthenticatedAccess: true
172175
```
173176

174177
## Configure API Authorization

0 commit comments

Comments
 (0)