Ticket(s) | Title | User Story | Priority | Notes |
---|
| Campus Service Accounts | As an Application Developer, I need the Campus to have the ability to create Service Accounts for my Applications. | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| Just noting that we would like for the Campus IdM System to support Service Accounts - They must have UCSB Net IDs and Passwords that can be Authenticated through OAuth
- There will need to way to enter the Service Account UCSB Net ID for association.
- When an Apigee Application is Created, the Apigee Client Id will need to be pushed into the Campus IdM's Service Account as an Attribute.
- The Apigee Client Id attribute must be retrievable as an OAuth claim or "access token key/value pair".
|
| Register Application (Campus Service Account) | As an Application Developer, I would like to Register an Application with a UCSB Net ID Service Account which will belong to currently logged in account. | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| This is needed in all scenarios. - There will need be a way add the Campus Service Account UCSB Net ID.
- The ucsbNetId should be stored in Apigee as a custom attribute on the Application
- The Campus IdM system should populate an apigeeClientId attribute on a Service Account record
- If the Service Account already has an apigeeClientId associated with it, it should return an error. Campus IdM Service accounts should only be associated with one apigeeClientId.
- If the UCSB Net ID given is not a Service Account it should throw an error.
|
| Campus Service Account Creation in Developer Portal | As an Application Developer, I would like to manage UCSB Service Accounts that I create through the Developer Portal. | Status |
---|
| |
---|
colour | Yellow |
---|
title | nice to have |
---|
|
| - If Service Accounts can be created through the Developer Portal ...
- Creation
- There should be a way to designate the
ucsbNetId of the Service Account - There should be a way to designate the
password of the Service Account - Apigee generates a
client_id and client_secret for every application registered with it. It would be possible to use those values. But, those values are not human friendly.- It would be preferable to have human friendly names for looking through audit logs
- Deletion
- When removing the application from there should be a way to remove the Service Account from the Campus IdM system at the same time.
- This should be the default option.
- Updating
- This should be handled by a Campus IdM solution ...
- But, if it's more convenient within the Developer Portal then these values might be possible candidates for update:
- Service Account Name (assuming ucsbCampusId is the unique identifier in Campus IdM, and Apigee's
client_id is the unique identifier in Apigee) - Service Account Password
- Service Account Description
- Service Account Url
- Would SCIM be used for this? (Research)
|
| SSO Enabled Individual Account Login (Proof-of-Concept Work) | As an Application Developer, I would like to sign in using my UCSB Net ID and password in order to do Proof of Concept work. | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| This is an edge case, not the main use case. - During account creation, the UcsbCampusId will be stored in Apigee as the foreign key.
- These are intended for Developers to do Proof of Concept work and generally try things out.
|
| SSO Enabled Campus Team Accounts
| As an Application Developer, I need the Campus to have the ability to create Team Accounts for my Development Team | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| Just noting that we would like for the Campus IdM System to support Team Accounts - They must have UCSB Net IDs and Passwords that can be Authenticated through CAS (OAuth would work too)
- These would be used as Apigee Developer Accounts
|
| SSO Enabled Team Account Login
| As an Application Developer, I would like to sign in using my Teams UCSB Net ID and password in order to work on our Applications. | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| Same as the SSO Enabled Individual Account Login (Proof-of-Concept Work) story, but logging in using the Campus IdM Team Account. |
| SSO Enabled Register Application (Campus Service Account)
| As an Application Developer, I would like to Register an Application with a UCSB Net ID Service Account which will belong to the Campus Developer Team. | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| Same as the Register Application (Campus Service Account) story, but associated with a Team instead of an Individual.
|
| Individual Accounts
Status |
---|
| |
---|
colour | Yellow |
---|
title | APIgee TEAMS |
---|
|
| As an Application Developer, I would like the Developer Portal to know what teams I belong to. | | This would require the Apigee Product Suite to implement a Teams functionality. - Apigee would need to rearchitect their component model to have Teams.
- A developer would belong to one or more Teams.
|
| Apigee
Status |
---|
| |
---|
colour | Yellow |
---|
title | APIgee TEAMS |
---|
|
| As an Application Developer, I would like to sign into the Developer Portal using my UCSB Net ID and Password. | | This would require the Apigee Product Suite to implement a Teams functionality. - Apigee would need to rearchitect their component model to have Teams.
- A developer would belong to one or more Teams.
|
| Register Application (Campus Service Account)
Status |
---|
| |
---|
colour | Yellow |
---|
title | APIgee TEAMS |
---|
|
| As an Application Developer, I would like to Register an Application using a UCSB Service Account with a Development Team. | | This would require the Apigee Product Suite to implement a Teams functionality. - This would be the same as the Register Application (Campus Service Account) story above, but you would also designate the Team of ownership at the time of registration.
|
| Third Party Company Account | As a Third Party Company, if a department requires I use the Campus API Gateway to retrieve data then I need to be able to create an account within the Developer Portal. | Status |
---|
| |
---|
colour | Green |
---|
title | must have |
---|
|
| - Ideally, the Third Party Company would be able to register a Team Account in Campus IdM. Then it's the same as the SSO Enabled Team Account Login story.
|