I totally agree with Asela, and I have raised similar concerns before. What
we are lacking here is what most end users and customers would consider as
basic security features. Even though we use the name "Identity Management",
those features are basically part of secure user-management.
On Wed, Fe
Guys, I do not think you have understood what i am pointing here.
Lets me explain it clearly
Say; i have a distributed setup which contains APIM GW + APIM
(store/publisher) + KM (Here KM can be any OAuth2 authorization server).
To achieve, user locking function for store users, You are asking
On Mon, Feb 5, 2018 at 12:56 PM, Nuwan Dias wrote:
>
>
> On Mon, Feb 5, 2018 at 12:36 PM, Asela Pathberiya wrote:
>
>>
>>
>> On Mon, Feb 5, 2018 at 12:10 PM, Nuwan Dias wrote:
>>
>>> As mentioned on the subject itself, these are Identity Management and
>>> Identity Governance features. They don
On Mon, Feb 5, 2018 at 12:36 PM, Asela Pathberiya wrote:
>
>
> On Mon, Feb 5, 2018 at 12:10 PM, Nuwan Dias wrote:
>
>> As mentioned on the subject itself, these are Identity Management and
>> Identity Governance features. They don't closely tie in with API
>> Management. Therefore I think its fi
On Mon, Feb 5, 2018 at 12:10 PM, Nuwan Dias wrote:
> As mentioned on the subject itself, these are Identity Management and
> Identity Governance features. They don't closely tie in with API
> Management. Therefore I think its fine to recommend IS for those kind of
> use cases.
>
> Installing thes
Yes, i also think same. Using identity server as key manager would be a
better choice as we can get both API and IS fixes via WUM.
But we need to have some solution for all in one scenario. Other than that
any HA deployment have key manager and we can easily replace it with is as
KM and use those f
As mentioned on the subject itself, these are Identity Management and
Identity Governance features. They don't closely tie in with API
Management. Therefore I think its fine to recommend IS for those kind of
use cases.
Installing these features to APIM at this point in time is also a problem
due t
Hi All,
There are several customers/users who are looking for $subject with APIM.
Specially following features
1. Account lock/disable
2. Password/Account recovery
3. Password policies
We are usually not recommending the feature installation. Therefore,
shall we ship these features by default w