fix: deprecate requirement of session token for service accounts (#9320)

This PR fixes couple of behaviors with service accounts - not need to have session token for service accounts - service accounts can be generated by any user for themselves implicitly, with a valid signature. - policy input for AddNewServiceAccount API is not fully typed allowing for validation before it is sent to the server. - also bring in additional context for admin API errors if any when replying back to client. - deprecate GetServiceAccount API as we do not need to reply back session tokens
2025-11-08 21:24:55 -05:00 · 2020-04-14 11:28:56 -07:00
parent bfec5fe200
commit 37d066b563
14 changed files with 167 additions and 249 deletions
--- a/cmd/admin-handlers.go
+++ b/cmd/admin-handlers.go
@@ -942,7 +942,7 @@ func toAdminAPIErr(ctx context.Context, err error) APIError {
 				HTTPStatusCode: http.StatusNotFound,
 			}
 		} else {
-			apiErr = errorCodes.ToAPIErr(toAdminAPIErrCode(ctx, err))
+			apiErr = errorCodes.ToAPIErrWithErr(toAdminAPIErrCode(ctx, err), err)
 		}
 	}
 	return apiErr