Uploaded image for project: 'SAFe Program'
  1. SAFe Program
  2. SP-4211

CANFAR Science Platform access to IAM through the Group Management Service

Change Owns to Parent OfsSet start and due date...
    XporterXMLWordPrintable

Details

    • Feature
    • Must have
    • PI22
    • SRCnet AAA
    • None
    • SRCnet
    • Hide

      BH: Improve the long-term security of the /gms application as a user information level client by removing the need for that service to have its own IAM account or for IAM to provide global access to the `scim:read` scope.

      Show
      BH: Improve the long-term security of the /gms application as a user information level client by removing the need for that service to have its own IAM account or for IAM to provide global access to the `scim:read` scope.
    • Hide

      AC: /gms works with prototype IAM version 1.8.3 deployment to provide user information.

      Show
      AC: /gms works with prototype IAM version 1.8.3 deployment to provide user information.
    • 0.5
    • 2
    • 0
    • Team_RED
    • Hide

      Updated version deployed. As a result, the following command has resumed working:

       
      $ curl -Lv --header "authorization: bearer ${SKA_TOKEN}" "https://ska-gms.stfc.ac.uk/gms/search?group=prototyping-groups"

      Show
      Updated version deployed. As a result, the following command has resumed working:   $ curl -Lv --header "authorization: bearer ${SKA_TOKEN}" " https://ska-gms.stfc.ac.uk/gms/search?group=prototyping-groups "
    • 24.3
    • Stories Completed, Satisfies Acceptance Criteria

    • PI24 - UNCOVERED

    Description

      The GMS Service used to authenticate with the INDIGO IAM needs a dedicated OIDC Client to confine SCIM access as it requires a specific Scope (scim:read).

      The Slack thread that instigated this work is here: https://skao.slack.com/archives/C045VJF8R26/p1710755484781399

      Attachments

        Issue Links

          Child Of

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. SP-4872 AAA v0.1 - Roadmap

          • Not Assigned - Priority is not assigned yet.
          • Implementing

          Structure

            Activity

              People

                B.Major Major, Brian
                s.goliath sharon goliath
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Feature Progress

                  Story Point Burn-up: (100.00%)

                  Feature Estimate: 0.5

                  IssuesStory Points
                  To Do00.0
                  In Progress   00.0
                  Complete15.0
                  Total15.0

                  Dates

                    Created:
                    Updated:
                    Resolved:

                    Structure Helper Panel