Hi Isura, On Tue, Jun 13, 2017 at 10:31 AM, Isura Karunaratne <[email protected]> wrote:
> Hi Tharika, > > On Mon, Jun 12, 2017 at 2:25 PM, Tharika Madurapperuma <[email protected]> > wrote: > >> Hi All, >> >> In APIM 3.0, we plan to have a feature for enabling Read, Update, >> Delete permissions for an API based on roles in API Publisher. For user >> validation purposes, we need to retrieve the list of roles for the loggedin >> user. This role list is retrieved using the user's SCIM Id. But since the >> admin user by default does not have an ID as per [1] and is not regarded as >> a SCIM user, we wont be able to retrieve the list of roles for the admin. >> >> There are two possible options for making this work. >> >> *Option 1: *Either from APIM 3.0 side we should make a call to the >> SCIM endpoint and update the admin user to have a SCIM ID as in [1], >> preferably during startup or >> * Option 2: *We can make the admin user have an Id by default from >> SCIM Implementation in IS. >> >> If we go with Option 1, it amounts to an additional call to the SCIM >> endpoint to update the user and a question arises as to where we should be >> updating it. The SCIM Id for the admin user is needed only in this scenario >> for retrieving roles currently, hence updating the admin user during >> startup is questionable. >> >> IMO Option 2 is preferrable because it will not result in an >> additional update as in Option 1 above. >> >> WDYT? >> >> Will there be any plans to include this capability in IS 5.4.0? >> > This capability will not include in IS 5.4.0 release, if this is urgent, > we can prioritize > Please do include. Otherwise we'll have to do hacks to get the basic functionalitties working for the default (admin) user. Thanks, Bhathiya > > Thanks > Isura. > >> >> [1] [Dev] [IS] Admin/Tenant Admin Users cannot be filtered to get the >> SCIM ID >> >> Thanks, >> Tharika. >> >> -- >> *Tharika Madurapperuma* >> Software Engineer | WSO2, Inc. >> >> Email : [email protected] >> Mobile : +94777875624 <+94%2077%20787%205624> >> Web : http://wso2.com >> >> <http://wso2.com/signature> >> > > > > -- > > *Isura Dilhara Karunaratne* > Senior Software Engineer | WSO2 > Email: [email protected] > Mob : +94 772 254 810 <077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > > -- *Bhathiya Jayasekara* *Associate Technical Lead,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
