From 91c272d58f9389418dcbbc47ba2de684e0fc72d7 Mon Sep 17 00:00:00 2001
From: pb <pierre.bayle@irt-saintexupery.com>
Date: Mon, 10 Feb 2025 18:45:54 +0100
Subject: [PATCH] How to better authentify

---
 docs/admiralty/authentication.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/admiralty/authentication.md b/docs/admiralty/authentication.md
index 9b069c2..da8bcbc 100644
--- a/docs/admiralty/authentication.md
+++ b/docs/admiralty/authentication.md
@@ -54,3 +54,7 @@ At the moment the only time we have faced this issue is with the MinIO s3 storag
 
 ## Possible improvements
 
+- Pods bound token, can they be issued to the remote cluster via an http API call ? [doc](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/)
+
+- Using a service that contact its counterpart in the target cluster, to ask for a token with a validity set by the user in the workflow workspace. Communication over HTTPS, but how do we generate secure certificates on both ends ?
+