-
Type:
Improvement
-
Status: Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: 12.0.0
-
Fix Version/s: None
-
Component/s: policy
-
Labels:None
-
Rank:1|hzphkf:
This issue is really applicable to all restful APIs provided by OpenAM and not just the one that I've covered here.
Section 4.2.1 of the 12.0.0 Developer's Guide covers requesting policy decisions for specific resources but fails to outline possible responses beyond a successful policy evaluation. For example, if the included subject represents an expired session then the response code for the call is a 400 and an application/json payload that looks like this, "
{"code":400,"reason":"Bad Request","message":"Invalid value subject"}". It would be good to cover all possible response codes and payloads so that developers can plan on handling each case appropriately without having to discover the behavior on their own and then adjusting the solution.