[midPoint] REST authentication

Keith Hazelton keith.hazelton at wisc.edu
Thu Dec 8 18:56:22 CET 2016


Authentication and Authorization for APIs is a current work area in the Intenet2 Trust and Identity program.  As our work progresses, we’d be quite willing to share the API AuthNZ requirements arising out of the research and education domains. We are focusing first on APIs into, out of and within the identity and access control infrastructure itself.

email & jabber: keith.hazelton at wisc.edu
calendar: http://go.wisc.edu/i6zxx0

On 2016-12-08, 08:34 , "midPoint on behalf of Radovan Semancik" <midpoint-bounces at lists.evolveum.com on behalf of radovan.semancik at evolveum.com> wrote:

    Hi Adam,
    Now, this is subscriber talking. So we have to listen. Do you have any 
    plan how would you like to authenticate with your application? I think 
    that using OAuth2 is currently a common practice. If that approach is 
    suitable for you I would prefer that solution. But if you need something 
    simpler we can do that instead. I think this can still fit into midPoint 
    3.6 development plan.
    Radovan Semancik
    Software Architect
    On 12/08/2016 03:20 PM, Adam Davenport wrote:
    > We also have a requirement to call the midPoint API on behalf of a particular user.  Not only for the delegated administration mechanisms but also for auditing.  We plan on having a home grown application that users will use that calls the midPoint API.  We require midPoint to audit that userX performed an action on userY rather than the audit record indicating "application user" performed the action.  However, storing userX's credentials to send in the API calls is not a feasible practice.  Thank you.
    > Adam Davenport
    > Western University
    > _______________________________________________
    > midPoint mailing list
    > midPoint at lists.evolveum.com
    > http://lists.evolveum.com/mailman/listinfo/midpoint
    midPoint mailing list
    midPoint at lists.evolveum.com

More information about the midPoint mailing list