Hi Tharika, On Mon, Jun 12, 2017 at 2:25 PM, Tharika Madurapperuma <[email protected]> wrote:
> Hi All, > > In APIM 3.0, we plan to have a feature for enabling Read, Update, > Delete permissions for an API based on roles in API Publisher. For user > validation purposes, we need to retrieve the list of roles for the loggedin > user. This role list is retrieved using the user's SCIM Id. But since the > admin user by default does not have an ID as per [1] and is not regarded as > a SCIM user, we wont be able to retrieve the list of roles for the admin. > > There are two possible options for making this work. > > *Option 1: *Either from APIM 3.0 side we should make a call to the > SCIM endpoint and update the admin user to have a SCIM ID as in [1], > preferably during startup or > * Option 2: *We can make the admin user have an Id by default from SCIM > Implementation in IS. > > If we go with Option 1, it amounts to an additional call to the SCIM > endpoint to update the user and a question arises as to where we should be > updating it. The SCIM Id for the admin user is needed only in this scenario > for retrieving roles currently, hence updating the admin user during > startup is questionable. > > IMO Option 2 is preferrable because it will not result in an additional > update as in Option 1 above. > > WDYT? > > Will there be any plans to include this capability in IS 5.4.0? > This capability will not include in IS 5.4.0 release, if this is urgent, we can prioritize Thanks Isura. > > [1] [Dev] [IS] Admin/Tenant Admin Users cannot be filtered to get the > SCIM ID > > Thanks, > Tharika. > > -- > *Tharika Madurapperuma* > Software Engineer | WSO2, Inc. > > Email : [email protected] > Mobile : +94777875624 <+94%2077%20787%205624> > Web : http://wso2.com > > <http://wso2.com/signature> > -- *Isura Dilhara Karunaratne* Senior Software Engineer | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
