Hi, With the current efforts on moving to C5 based architecture, API Manager plans to rely on standalone IS (without installing features) so that it can operate as the Key Manager for the API Gateway. In order to achieve this, there are a few feature gaps in IS we have identified earlier that need to be filled in. Please see the list below.
1. A Dynamic Client Registration Endpoint When users create Applications and Keys on the API Store, we need to call an Endpoint on IS to register the Application. Once an Application is registered, API Manager also requires an endpoint to retrieve the Application's information by querying using the Application name. 2. A Resource Registration Endpoint When defining scopes and associating Resources to scopes, it is required to register these scopes on IS. Scopes should also have a role (or similar) binding so that we can perform RBAC (at a minimal) for scopes. It is ideal to make this an extensible framework so that others could associate thing like permissions to scope as well. 3. A Resource Validation Endpoint against scopes When the Gateway grants access on a particular token to a resource, it needs to check if the given token bears the necessary scope to access that resource. At the moment we have identified the above 3 as mandatory features to be supported by IS if the said integration is to be feasible. We would be grateful if these could be taken into consideration when IS is being built on C5. Thanks, NuwanD. -- Nuwan Dias Software Architect - WSO2, Inc. http://wso2.com email : [email protected] Phone : +94 777 775 729
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
