Support Delegated API Access via OAuth 2.0 On-Behalf-Of (OBO) | Feature Requests

Support Delegated API Access via OAuth 2.0 On-Behalf-Of (OBO)

Janny the AI Product Manager

Problem / Use Case
When building AI assistants or chatbots (e.g. Microsoft Teams / Copilot Studio) that interact with meshStack, API calls need to be made as the signed-in user — not as a shared service account. Today, meshStack only supports API keys with broad, user-independent access, which doesn't work for these scenarios.
Value / Impact
Supporting delegated access would allow organizations to build chatbots and AI assistants that interact with meshStack on behalf of the logged-in user, with access scoped to their existing meshStack permissions. This is the standard pattern for enterprise integrations on the Microsoft 365 platform.
Context / Links
Microsoft OBO flow: https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-on-behalf-of-flow
Copilot Studio custom connector OBO setup: https://learn.microsoft.com/en-us/microsoft-copilot-studio/advanced-custom-connector-on-behalf-of
Related: https://feedback.meshcloud.io/feature-requests/p/meshcli-login-with-your-personal-meshstack-identity-for-use-in-the-terraform-pro

8 hours ago