Document current authorization implementation #16722

jalbinson · 2024-12-05T20:36:16Z

User Story

As a member of the ReportStream team, I would like to understand our current authorization strategy.

Description/Use Case

We need clear documentation of our current authorization strategy so we can make informed decisions going forward. We want to make sure we can support all the same use-cases as the existing system if we were to decide changes are warranted.

Dev notes

See all endpoints defined here

Acceptance Criteria

Document current authorization approach(es)
Document all endpoints authorization requirements including:
- required scopes
- required groups
- any other checks (e.g.: client_id header, checking scope and group name formatting)
Document pros and cons of our current system

MichaelEsuruoso · 2024-12-09T17:21:34Z

Hey team! Please add your planning poker estimate with Zenhub @jack-h-wang @jalbinson @JFisk42 @kant777 @wcutshall

MichaelEsuruoso · 2024-12-09T17:21:47Z

Please add your planning poker estimate with Zenhub @adegolier

jalbinson added the platform Platform Team label Dec 5, 2024

MichaelEsuruoso assigned jalbinson Dec 6, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Document current authorization implementation #16722

Document current authorization implementation #16722

jalbinson commented Dec 5, 2024 •

edited by arnejduranovic

Loading

MichaelEsuruoso commented Dec 9, 2024

MichaelEsuruoso commented Dec 9, 2024

Document current authorization implementation #16722

Document current authorization implementation #16722

Comments

jalbinson commented Dec 5, 2024 • edited by arnejduranovic Loading

User Story

Description/Use Case

Dev notes

Acceptance Criteria

MichaelEsuruoso commented Dec 9, 2024

MichaelEsuruoso commented Dec 9, 2024

jalbinson commented Dec 5, 2024 •

edited by arnejduranovic

Loading