IAV-1390/feat(credentials): server-side injection of allowedDomains & allowedHttpRequestDomains with graceful fallback for unsupported schemas
Summary
Moves the responsibility of setting allowedDomains and allowedHttpRequestDomains to the backend.
Credentials whose schema does not declare these properties (e.g. Telegram, WhatsApp OAuth) are silently skipped — no error, no side effect.
Changes
- Added server-side injection logic for allowedDomains and allowedHttpRequestDomains on credentials save/update
- Added schema presence check before injection — credentials without these fields in their schema are ignored
Why
These fields must not be user-editable. Centralizing their assignment on the backend.
Closes IAV-1390
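A sketch of the save/update step described above, as an added example that is not code from this PR or its project. The function names, the schema shape (`properties` as a list of `{ name }` entries), the policy object and all sample values are assumptions made for illustration.

```javascript
// Added example: every name and sample value here is hypothetical.
const SERVER_MANAGED_FIELDS = ['allowedDomains', 'allowedHttpRequestDomains'];

// Collect the property names a credential schema declares.
function declaredProperties(schema) {
  const props = schema && Array.isArray(schema.properties) ? schema.properties : [];
  return new Set(props.map((p) => p.name));
}

// Run on credential save/update. `data` is the client payload and `policy`
// holds the backend-assigned values. Inputs are never mutated.
function applyServerManagedFields(schema, data, policy) {
  const declared = declaredProperties(schema);
  const result = { ...data };
  const injected = [];
  for (const field of SERVER_MANAGED_FIELDS) {
    // Schema does not declare the field: skip, no error, payload untouched.
    if (!declared.has(field)) continue;
    // Fail closed: never fall back to the client value for a managed field.
    if (policy[field] === undefined) {
      throw new Error(`no server-side value configured for ${field}`);
    }
    result[field] = policy[field]; // overwrites anything the client sent
    injected.push(field);
  }
  return { data: result, injected };
}

// Constructed sample schemas, policy and payloads.
const SAMPLE_HTTP_SCHEMA = {
  properties: [{ name: 'token' }, { name: 'allowedDomains' }, { name: 'allowedHttpRequestDomains' }],
};
const SAMPLE_CHAT_SCHEMA = { properties: [{ name: 'accessToken' }] };
const SAMPLE_POLICY = { allowedDomains: 'api.example.com', allowedHttpRequestDomains: 'domains' };

const supported = applyServerManagedFields(
  SAMPLE_HTTP_SCHEMA, { token: 't0k', allowedDomains: '*' }, SAMPLE_POLICY);
const unsupported = applyServerManagedFields(
  SAMPLE_CHAT_SCHEMA, { accessToken: 'abc' }, SAMPLE_POLICY);
console.log(supported.injected, unsupported.injected);
```

Recording which fields were injected gives the caller something to log, so a credential type that silently stops matching the schema check is visible in review.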