  1. OpenAM
  2. OPENAM-10912

Describe permissions required to use each REST endpoint in API Explorer


      Description

      As a developer I want to know what type of identity can consume a REST endpoint when looking at the API Explorer.

      As a security auditor working for a customer I want an understanding of the privileges required to use each endpoint so I can ensure the minimum privileges are assigned to identities for my use cases.

      Developers of OpenAM have been annotating the endpoints in the REST API so that the details of the endpoints appear in the API Explorer. The suggestion here is for developers to start annotating the privileges required (e.g. amadmin, superUser, a particular realm privilege, any authenticated user) so that this information can also be available in API Explorer.

      Such information is inconsistently documented. This information could be reflected in the documents. At present, developers have to resort to guesswork, source code analysis or trial and error to ascertain what privileges are required.

            People

            Assignee: Unassigned
            Reporter: Simon Harding (simon.harding)
            Votes: 1
            Watchers: 3