You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vault Web is the portal that unites the other services (cloud, password manager, chats, habits), but it currently has to know about each service through hardcoded frontend and deployment configuration. Adding or moving a service means editing Vault Web itself: its URL, its icon, which scopes it needs, where its health endpoint is. This does not scale as the ecosystem grows and makes it easy for the portal and the actual deployment to drift apart.
Example: a new module is added to the stack. Today someone has to wire its URL and metadata into the Vault Web frontend by hand. It should be enough for the module to describe itself and for Vault Web to pick it up.
Proposed solution
Define a small service registry manifest that each module ships, and have Vault Web build its view of the ecosystem from those manifests instead of hardcoded config.
Proposed manifest (for example vault-service.json) per module:
name and display name
base URL and icon
health endpoint
required scopes
token forwarding expectations (how the gateway should pass identity to it)
Scope:
agree a minimal manifest schema and document it (a good fit for server-docs)
each module provides its manifest
Vault Web reads the manifests and renders available services from them, rather than a hardcoded list
unknown or unreachable services degrade gracefully in the portal
Problem
Vault Web is the portal that unites the other services (cloud, password manager, chats, habits), but it currently has to know about each service through hardcoded frontend and deployment configuration. Adding or moving a service means editing Vault Web itself: its URL, its icon, which scopes it needs, where its health endpoint is. This does not scale as the ecosystem grows and makes it easy for the portal and the actual deployment to drift apart.
Example: a new module is added to the stack. Today someone has to wire its URL and metadata into the Vault Web frontend by hand. It should be enough for the module to describe itself and for Vault Web to pick it up.
Proposed solution
Define a small service registry manifest that each module ships, and have Vault Web build its view of the ecosystem from those manifests instead of hardcoded config.
Proposed manifest (for example vault-service.json) per module:
Scope:
Notes:
Acceptance criteria
Related: depends on the gateway-centric auth migration (Vault-Web/auth-api-gateway#38); the schema is a documentation candidate for server-docs.