You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using "evidently-secret" header in order to protect write api. You should never use this functionality for authorization.
But, of course, you can have your own proxy authorization layer just before running "evidently ui" (i think modifying evidently source code is bad idea for your purposes). This layer just check token, if ok - proxy request to running "evidently ui" server
I understand this is unfortunately not possible with Evidently. We can work around it and secure the service in a different way, but more clarity in the documentation would be appreciated.
I am trying to setup a self hosted ML monitoring with Evidently.
I have Evidently running inside a container on a remote host. The host requires an Authorization header with a Bearer token.
According to the documentation, passing a secret is possible via:
However, it looks like Evidently passes the secret value as
evidently-secret
header instead of anAuthorization
header. (see here and here)Would it be possible to allow users to specify the name of the header the secret should be attached to?
The text was updated successfully, but these errors were encountered: