Improve Rest API authentication and authorization

Related products: None

Hi, 

Currently there is only one authentication method available on the Rest API which allows all CRUD operations to be performed over mostly every object. 

The implemented authentication method via is simple and easy to use, however a bit loose security wise. 

It should at least be possible to set, for instance, just read operation.

Ideally, a more robust and secure authentication method should be implemented, such as OAuth2, together with more granular permissions setting capability, allowing Gainsight Admin to grant specific permissions on all or just specific objects. 

Thank you. 

@Frederico.Silva thank you for sharing this here.


@sai_ram 

As we start to use Gainsight more and more, we are getting requests from other teams to pull data from GS using an API. I have always said no, as they could do anything. Is there any update on this request? I would love to be able to lock them down to a specific object with only read access, as an example.