Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Approved On Feb 12, 2018 10:26 AM, "Indunil Upeksha Rathnayake" wrote: Hi Maheshika, Can you please create a new git repository with the name " identity-x509-revocation" under wso2-extensions, for moving this feature implementation. Thanks and Regards On Wed, Jan 17, 2018

Re: [Architecture] Clearly defining what operations users can perform on a shared application in APIM

On 13 February 2018 at 18:02, Chamin Dias wrote: > Hi, > > Can we promote a "shared user" to "admin shared user" (and vise versa)? Is > it supported in this feature? > > Thanks. > > @Chamin, there is no such thing as an admin shrared user. We do have a facility of changing the

Re: [Architecture] Clearly defining what operations users can perform on a shared application in APIM

@Harsha, yes there is no way to truly prevent shared users from invoking the token endpoint and there by revoking the access token. But as discussed since tokens are not hard coded in applicaitions this is not a concern. Apps should be continuously refreshing their token from time to time On 13

Re: [Architecture] Clearly defining what operations users can perform on a shared application in APIM

Hi, Can we promote a "shared user" to "admin shared user" (and vise versa)? Is it supported in this feature? Thanks. On Tue, Feb 13, 2018 at 3:51 PM, Harsha Kumara wrote: > @Sanjeewa, Uvindra can we actually prevent it? Basically we can hide it > from UI. But since he know

Re: [Architecture] Using REST APIs with Carbon console.

Hi Menaka, As we are rewriting the services, I am *not* in favor of writing SOAP services and then Carbon UI on top of it. Given the current circumstances, I would leave the REST API. thanks, Dimuthu On Tue, Feb 13, 2018 at 2:49 PM, Menaka Jayawardena wrote: > Hi all, > >

Re: [Architecture] Clearly defining what operations users can perform on a shared application in APIM

@Sanjeewa, Uvindra can we actually prevent it? Basically we can hide it from UI. But since he know the consumer key and secret, he can simply revoke and regenerate the token. On Thu, Feb 8, 2018 at 2:57 PM, Uvindra Dias Jayasinha wrote: > Yes we can safely prevent shared users

Re: [Architecture] [IS] REST endpoint for Claim Management in IS

Hi Sanjeewa, I will updated the relevant places accordingly. Thanks for pointing out. Thank You. On Tue, Feb 13, 2018 at 12:58 PM, Sanjeewa Malalgoda wrote: > In that case please consider http status code 207[1] as simple resource > update actually handle multiple resource

[Architecture] Using REST APIs with Carbon console.

Hi all, I'm working on implementing the Retryable Outbound Provisioning for Identity Server. I have completed the backend implementation and now working on developing the UI. As per our initial discussion, the new UI was planned to be added to the IS carbon console. But when looking into this, I