Hi All, We are thinking about adding scope registration support to our carbon-auth implementation. For this we will need to have API to add/update/delete/list scopes. When we analyzed current implementation of API its designed to have API name as unique identifier. Or we can use UUID for that to adhere approach we followed for other APIs. But i dont see issue with having name as unique identifier if its unique. Myself and Malintha had quick discussion about scope registration API and came up with following attached REST API. We have removed name from resource path of existing API.
We need to think about authentication mechanism for this API as API creators will allow to add scopes per API. Also we need to think how should we handle adding same scope name by different users for different APIs. If one user defined read scope then others may not be able to define same scope. Since identity server team had experiences with this API they can provide suggestions for API and implementation. We will expose this as MSF4J based API from carbon auth run time. Lets use this thread to discuss all aspects of scope registration and finalize implementation. Thanks, sanjeewa. -- *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/ <http://sanjeewamalalgoda.blogspot.com/>
swagger.yaml
Description: application/yaml
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
