Hi Tharindu, Have we considered creating scopes in a single place and reusing them in multiple APIs (just like we do with endpoints in v3)? I believe it will be a useful capability because it allows publishers to reduce the number of scopes when there are many APIs and resources.
IINM, in the current implementation, users can't even add the same scope even for multiple versions of the same API. Well, that's a separate thing to handle anyway. Thanks, Bhathiya On Tue, Dec 5, 2017 at 1:45 AM, Tharindu Dharmarathna <[email protected]> wrote: > Hi All, > > We are going to develop Resource Registration Rest API for engaging Scope > for the resource. I had come up with below flow in order to do the above. > > > > In Above Diagram for Store Scopes, we can do below two ways. > > > 1. Store under swagger.json as security definition > 2. Store In database schema. > > If we are Storing in swagger we have following advantages and > disadvantages. > *Advantages* > > 1. The scope can easily manage as we can assign the scopes to a resource > inside the swagger. > > *Disadvantages*. > > 1. If we have lots of scopes for the API for getting the Details of the > scope we have to call the Resource Server Endpoint, therefore it may lead > to high network usage. > 2. Swagger given by user get changed by injecting our set of properties. > > I had come up with below set of resources to create scopes and assign > scopes > > > 1. /apis/{apiid}/scopes - post (add scope for api) > 2. /apis/{apiid}/scopes - get (get All the scopes for api) > 3. /apis/{apiid}/scopes/{name} - put update scope > 4. /apis/{apiid}/scopes/{name} - delete scope > 5. /apis/{apiid} - put (Apply scopes(add,update,delete) into resources) > 6. /apis/{apiid} - get (get scopes applied to a resources) > > Or We can do the below way as Reources are not consider as a sub resources > of the API > > > 1. /api1/{apiid} - (get,put) These two operations used to add > scope,update scope,delete scope,assign scopes to resources. > > > Please let us know your Ideas on this. > > Thanks > > *Tharindu Dharmarathna*Senior Software Engineer > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: *+94779109091 <+94%2077%20910%209091>* > -- *Bhathiya Jayasekara* *Associate Technical Lead,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
