[FOLIO-2523] SPIKE: improve design of authn/z Created: 23/Mar/20  Updated: 31/May/21

Status: Blocked
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Story Priority: P2
Reporter: Jakub Skoczen Assignee: Jakub Skoczen
Resolution: Unresolved Votes: 0
Labels: platform-backlog
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
is blocked by OKAPI-837 Remove permissions from X-Okapi-Token... Closed
Relates
relates to FOLIO-2556 SPIKE: investigate refresh tokens sup... Closed
relates to OKAPI-890 Implement Token Cache Closed
relates to MODLOGIN-119 change login API to return tokens in ... Closed
Sprint: CP: sprint 87, CP: Roadmap backlog, CP: sprint 85, CP: sprint 86
Story Points: 5
Development Team: Core: Platform

 Description   

TBD:
– summarise current design and refer to existing docs
– propose API changes
– propose additional utilities (like caching)

Goal

This goal is to improve the following aspects of the existing authn/z:

  • improve performance and cacheability – structure the API to limit the number of token signing requests
  • standardize and simplify mod-authtoken API – use regular RAML/JSON API defintion
  • lift header-size limites – move away from the header-oriented API, limit the number of custom headers

https://docs.google.com/document/d/14DVZC3MJRQfgNchMXzxtz4-2s0W9pmnXCLq5KbjeKaw/edit?usp=sharing


Generated at Thu Feb 08 23:21:17 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.