On Mon, Feb 5, 2018 at 12:36 PM, Asela Pathberiya <as...@wso2.com> wrote:

>
>
> On Mon, Feb 5, 2018 at 12:10 PM, Nuwan Dias <nuw...@wso2.com> wrote:
>
>> As mentioned on the subject itself, these are Identity Management and
>> Identity Governance features. They don't closely tie in with API
>> Management. Therefore I think its fine to recommend IS for those kind of
>> use cases.
>>
>> Installing these features to APIM at this point in time is also a problem
>> due to its roadmap with 3.0. If we install these features into APIM users
>> will see these as first class features of our APIM offering, they won't see
>> this as something coming from IS.
>>
>
> APIM store is public facing for end users.  It already supports for user
> registration which is also identity management feature.  It is a question,
> why can't it support  features such as  password recovery/policies/email
> activation by default.
>

Its not that it can't. Its a question of where do we draw the line between
IS and APIM. My opinion is that the current user registration (with
workflow support) and password reset options are just enough for the OOTB
product. You can have many more scenarios than listed above. Such as Login
with Facebook, Multifactor Authentication, etc and the list could go on. I
think its fine to ask users to integrate with IS for advanced scenarios.

>
> If product supports for public user registration, it must support for all
> other identity management features as well.
>
> Are we removing the user registration from APIM 3.0 ?
>

No, that would be there. But we don't have plans to support anything else.
Since there's no C5 based IS yet, we are writing all the user management
capabilities from scratch to even get the basic functionality. The need to
support more and more scenarios would create a lot more work than already
planned. Risking its deadlines.

>
> Thanks,
> Asela.
>
>
>> Which means that users would expect the same set of features on 3.0 as
>> well. Therefore I would be -1 to installing these features on APIM.
>>
>> On Mon, Feb 5, 2018 at 9:49 AM, Asela Pathberiya <as...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> There are several customers/users who are looking for $subject with
>>> APIM.  Specially following features
>>>
>>> 1. Account lock/disable
>>> 2. Password/Account recovery
>>> 3. Password policies
>>>
>>> We are usually not recommending the feature installation.  Therefore,
>>> shall we ship these features by default with APIM.
>>>
>>> However, we can suggests to use WSO2IS as KM,  but we need to consider on
>>>
>>> 1.  Cost on running WSO2IS (infra cost)
>>> 2.  All in one deployment
>>> 3.  First impression on the IAM feature list of APIM.
>>>
>>> WDYT ?
>>>
>>> Thanks,
>>> Asela.
>>>
>>> --
>>> Thanks & Regards,
>>> Asela
>>>
>>> ATL
>>> Mobile : +94 777 625 933 <+94%2077%20762%205933>
>>>              +358 449 228 979
>>>
>>> http://soasecurity.org/
>>> http://xacmlinfo.org/
>>>
>>
>>
>>
>> --
>> Nuwan Dias
>>
>> Software Architect - WSO2, Inc. http://wso2.com
>> email : nuw...@wso2.com
>> Phone : +94 777 775 729 <+94%2077%20777%205729>
>>
>
>
>
> --
> Thanks & Regards,
> Asela
>
> ATL
> Mobile : +94 777 625 933 <+94%2077%20762%205933>
>              +358 449 228 979
>
> http://soasecurity.org/
> http://xacmlinfo.org/
>



-- 
Nuwan Dias

Software Architect - WSO2, Inc. http://wso2.com
email : nuw...@wso2.com
Phone : +94 777 775 729
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to