[jira] [Updated] (AIRAVATA-2889) Use service account to authenticate Django portal to IamAdminService

Fri, 02 Nov 2018 13:55:53 -0700 


     [ 
https://issues.apache.org/jira/browse/AIRAVATA-2889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Marcus Christie updated AIRAVATA-2889:
--------------------------------------
    Description: 
PGA uses the realm admin's username and password, but it would be better if we 
could just use the existing client_id and client_secret to get an access token 
for authenticating with the IAM Admin Services API.

h5. TODO
* [x] Add *manage-users* role from the *realm-management* client to the 
automatically generated PGA client in the tenant creation code
* [ ] Use ProfileService to get oauth client id/seagrid from 
TenantProfileService instead of from Gateway in workspace catalog (where it may 
or may not be populated)

  was:
PGA uses the realm admin's username and password, but it would be better if we 
could just use the existing client_id and client_secret to get an access token 
for authenticating with the IAM Admin Services API.

h5. TODO
* [ ] Add *manage-users* role from the *realm-management* client to the 
automatically generated PGA client in the tenant creation code
* [ ] Use ProfileService to get oauth client id/seagrid from 
TenantProfileService instead of from Gateway in workspace catalog (where it may 
or may not be populated)


> Use service account to authenticate Django portal to IamAdminService
> --------------------------------------------------------------------
>
>                 Key: AIRAVATA-2889
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2889
>             Project: Airavata
>          Issue Type: Improvement
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> PGA uses the realm admin's username and password, but it would be better if 
> we could just use the existing client_id and client_secret to get an access 
> token for authenticating with the IAM Admin Services API.
> h5. TODO
> * [x] Add *manage-users* role from the *realm-management* client to the 
> automatically generated PGA client in the tenant creation code
> * [ ] Use ProfileService to get oauth client id/seagrid from 
> TenantProfileService instead of from Gateway in workspace catalog (where it 
> may or may not be populated)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to