All -

To be clear, the design concerns about the existing Self Service component
have existed from before it came over from MifosX to Fineract, so this is a
long-standing problem.  The design suffers from simply being the wrong
technical approach, but the concept of "self service" whereby the end-user
gains access to the backend for authenticated and authorized activities is
- of course - a key functionality.

In the very near term, our intention at the PMC is to address some
security model concerns (being non-specific here) and then to figure out
the right kind of component going forward.  We should not rule out a
separate component at the Apache Fineract community to handle this
functionality.   I think we actually should consider different design
options.

Mifos has offered, and I think Ed just mentioned it for the first time
publicly on this list, to build a "stand in" for the existing functionality
that currently sits inside the Fineract authorization model.  This will
hopefully address some short term concerns.  I will leave it to them to
explain their approach else-thread.

In the Apache approach, Mifos is a vendor bundling up their solution on top
of the Fineract project.  I mention this because really any vendor is
welcome to attempt what Mifos is doing and offer that to the community of
users or to bring a proposal of the same to Fineract.  I would argue that,
for the reasons articulated around open banking, we will need to
address the architectural elements of this set of functionality in the
longer term within the Fineract project, but I think people should vote
with their feet.

I'll also use this as a plug for getting involved in the project,
particularly if you have API security framework or open banking expertise.
Or to be involved in the Fineract Security team.  There's a lot to do on
this front.  We're not giving up on "self service"; we just need to address
it in phases.

Thank you,
James
