On Thu, Feb 9, 2017 at 7:43 PM, Omindu Rathnaweera <[email protected]> wrote:
> One option would be to introduce a claim property to indicate who can > modify the claims. We can even introduce a similar property to specify who > can read a claim as well. > > Regards, > Omindu > > On Thu, Feb 9, 2017 at 5:39 PM, Isura Karunaratne <[email protected]> wrote: > >> Hi all, >> >> What is the best way to handle special claims such as last login >> time and last password update time? These claims should >> only be modified by the system. >> >> Ideally, we should not be able to update these claims using an APIs such >> as SCIM. >> > From SCIM user manager level we can filter and remove these claims for Create Update Delete operations. > >> Thanks >> >> *Isura Dilhara Karunaratne* >> Senior Software Engineer | WSO2 >> Email: [email protected] >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > > > -- > Omindu Rathnaweera > Software Engineer, WSO2 Inc. > Mobile: +94 771 197 211 <+94%2077%20119%207211> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Gayan Gunawardana Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
