Hi all, Shall we finalize the resource context for this API since it is blocking the implementation?
Thanks, On Wed, Mar 18, 2020 at 12:56 PM Sathya Bandara <[email protected]> wrote: > Hi Ruwan, > > The API will have the tenant scope however currently the authenticator > configurations needs to be done globally using the > application-authentication.xml file. In the future we can provide database > support for storing tenant wise authenticator configurations. > > On Wed, Mar 18, 2020 at 12:41 PM Ruwan Abeykoon <[email protected]> wrote: > >> Hi Thanuja, >> These API needs to be functional on tenant scope too, and the >> "Authenticator" configuration needs to be done per each tenant. >> If not we have to add the capability to configure the authentication per >> each tenant in future quite soon. >> >> Cheers, >> Ruwan A >> >> On Wed, Mar 18, 2020 at 12:08 PM Thanuja Jayasinghe <[email protected]> >> wrote: >> >>> Hi Ruwan, >>> >>> >>> On Wed, Mar 18, 2020 at 9:36 AM Ruwan Abeykoon <[email protected]> wrote: >>> >>>> Hi Sathya, >>>> If this is only used for authenticating SOAP calls, then we need not >>>> worry about managing it with REST. >>>> SOAP services is going to be deprecated in favor of REST API. It is all >>>> right to keep file based config and/or SOAP services to manage this. >>>> >>> >>> The purpose of this API is not to provide authentication for SOAP calls, >>> rather it is designed to fulfill the following limitations with local >>> authenticators and related properties, >>> - No API to return basic attributes of a local authenticator (ex: >>> whether the basic authenticator is enabled) >>> - Can't create and manage multiple instances of a local >>> authenticator (ex: If we take Facebook federated authenticator, we can >>> create multiple instances with different configurations by creating >>> multiple IdPs, but this option is not available for local authenticators.) >>> - No API to update server own configurations for authentication, >>> etc.(ex: session idle time for the tenant) >>> >>> As the first step, we are creating this API to get the basic attributes >>> of local authenticators and it is essential for the new developer portal. >>> >>> >>>> >>>> Also, it is generally not a good idea to have API or Services to change >>>> "configs". Configs only to be done via file system. >>>> API is needed to change runtime data, in our case (SP, IdP, UserStore, >>>> etc) >>>> >>> >>> As this manages local authenticators(in future) and related properties, >>> it will be run-time data. But yes, "configs" doesn't seem to be matched >>> with the purpose. >>> >> Highly appreciate your suggestions for the context of this API. We have > evaluated following options as well in addition to "configs". > > - resident > - local-identity-provider > > > >>> >>>> >>>> Cheers, >>>> Ruwan A >>>> >>>> >>>> On Wed, Mar 18, 2020 at 9:20 AM Sathya Bandara <[email protected]> wrote: >>>> >>>>> Hi all, >>>>> >>>>> WSO2 Identity Server currently supports server local authenticator >>>>> related operations using SOAP APIs. I'm currently working on introducing a >>>>> REST API layer for this purpose in 5.11.0. In the initial phase only GET >>>>> operations will be supported in the API level since we do not allow to >>>>> add/update local authenticators from the backend OSGi service. >>>>> >>>>> - API for listing authenticators >>>>> >>>>> >>>>> * api/server/v1/configs/authenticators * >>>>> - API to retrieve authenticator by ID >>>>> * api/server/v1/configs/authenticators/{authenticator-id}* >>>>> >>>>> Please find the complete API definition in [1]. >>>>> >>>>> Furthermore, since currently we do not have a REST API for managing >>>>> configurations available under the Resident IDP section e.g. idle session >>>>> timeout, going forward, we can introduce new APIs under >>>>> api/server/v1/configs context. >>>>> >>>>> Highly appreciate your valuable suggestions on this. >>>>> >>>>> [1] https://app.swaggerhub.com/apis/emswbandara/IAM_CONFIGS/0.1.0 >>>>> >>>>> Thanks, >>>>> Sathya >>>>> -- >>>>> Sathya Bandara >>>>> Senior Software Engineer >>>>> Blog: https://medium.com/@technospace >>>>> WSO2 Inc. http://wso2.com >>>>> Mobile: (+94) 715 360 421 >>>>> >>>>> <+94%2071%20411%205032> >>>>> >>>> >>>> >>>> -- >>>> Ruwan Abeykoon | Director/Architect | WSO2 Inc. >>>> (w) +947435800 | Email: [email protected] >>>> >>>> >>> Thanks, >>> Thanuja >>> -- >>> *Thanuja Lakmal* >>> Technical Lead >>> WSO2 Inc. http://wso2.com/ >>> *lean.enterprise.middleware* >>> Mobile: +94715979891 >>> >> >> >> -- >> Ruwan Abeykoon | Director/Architect | WSO2 Inc. >> (w) +947435800 | Email: [email protected] >> >> > > -- > Sathya Bandara > Senior Software Engineer > Blog: https://medium.com/@technospace > WSO2 Inc. http://wso2.com > Mobile: (+94) 715 360 421 > > <+94%2071%20411%205032> > -- Sathya Bandara Senior Software Engineer Blog: https://medium.com/@technospace WSO2 Inc. http://wso2.com Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
