  1. OpenAM
  2. OPENAM-10912

Describe permissions required to use each REST endpoint in API Explorer

    Details

      Description

      As a developer I want to know what type of identity can consume a REST endpoint when looking at the API Explorer.

      As a security auditor working for a customer I want an understanding of the privileges required to use each endpoint so I can ensure the minimum privileges are assigned to identities for my use cases.

      Developers of OpenAM have been annotating the endpoints in the REST API so that the details of the endpoints appear in the API Explorer. The suggestion here is for developers to start annotating the privileges required (e.g. amadmin, superUser, a particular realm privilege, any authenticated user) so that this information can also be available in API Explorer.

      Such information is inconsistently documented. This information could be reflected in the documents. At present, developers have to resort to guesswork, source code analysis or trial and error to ascertain what privileges are required.


            People

            • Assignee:
              Unassigned
              Reporter:
              simon.harding Simon Harding
            • Votes:
              1
              Watchers:
              3
