Dear all,
For the development of the proxy we need a set of attributes that have to
be returned by the PDP in the request for token validation. These
attributes should be stored by the IdM and be returned by the PDP, and they
will be forwarded to the GEs.
Here I send you an example of response from the Proxy to the GEs with these
attributes:
{
"access":{
"token":{
"expires":"2012-02-05T00:00:00",
"id":"887665443383838",
"tenant":{
"id":"1",
"name":"customer-x"
}
},
"user":{
"name":"joeuser",
"tenantName":"customer-x",
"id":"1",
"roles":[
{
"serviceId":"1",
"id":"3",
"name":"Member"
}
],
"tenantId":"1"
}
}}
Of course, this information should be provided also by the PDP but in a
format compatible with the PDP API. These attributes include information
about the auth token (expiration date, id, and organization to which it is
related), the user (name and id), the organization (tenant) in which the
user is authenticated, and the roles the user plays within the
organization. At UPM we believe that user, organization and roles can be
attributes that may be previously stored in the IdM, and that they can be
returned during the auth token request between the Proxy and the PDP.
The question is whether you also believe these attributes can be defined at
the IdM and be returned by the PDP and why. I would also like to see an
example of PDP response where we could see these attributes.
Thanks!
Best regards,
Javier Cerviño.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-api-cross/attachments/20130521/d46fd416/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy