| Ticket(s) | Title | User Story | Priority | Notes |
|---|
| Campus Service Accounts | As an Application Developer, I need the Campus to have the ability to create Service Accounts for my Applications. | | Status |
|---|
| |
|---|
| colour | Green |
|---|
| title | must have |
|---|
|
| Just noting that we would like for the Campus IdM System to support Service Accounts - They must have UCSB Net IDs and Passwords that can be Authenticated through OAuth
- There will need to way to enter the Service Account UCSB Net ID for association.
- When an Apigee Application is Created, the Apigee Client Id will need to be pushed into the Campus IdM's Service Account as an Attribute.
- The Apigee Client Id attribute must be retrievable as an OAuth claim or "access token key/value pair".
| As an Application Developer, I would like to create a UCSB Service Account with a UCSB Net ID and Password for my Application at the time of Registration. | | Status |
|---|
| colour | Yellow |
|---|
| title | nice to have |
|---|
As an Application Developer, I would like to sign in using my UCSB Net ID and password in order to do Proof of Concept work. |
| | Status |
|---|
| colour | Grey |
|---|
| title | api account |
|---|
| Status |
|---|
| colour | Green |
|---|
| title | must have |
|---|
This IS NOT the way the system currently works. But, it can be easily implemented. This IS an edge-case, not the main use case. - During account creation, the UcsbCampusId will be stored in Apigee as the foreign key.
- These are intended for Developers to do Proof of Concept work and generally try things out.
| Register Application
(Campus Service Account) | As an Application Developer, I would like to Register an Application with a UCSB Net ID Service Account which will belong to currently logged in account. | | title | api account |
|---|
| Status |
|---|
colour | | Grey | | This | is NOT the way the system currently works. But, is needed in all scenarios. - There will need be a way add the Campus Service Account UCSB Net ID.
- The ucsbNetId should be stored in Apigee as a custom attribute on the Application
- The Campus IdM system should populate an apigeeClientId attribute on a Service Account record
- If the Service Account already has an apigeeClientId associated with it, it should return an error. Campus IdM Service accounts should only be associated with
| on - one apigeeClientId.
- If the UCSB Net ID given is not a Service Account it should throw an error.
|
| Campus Service Account Creation in Developer Portal | As an Application Developer, I would like to sign into Developer Portal using a UCSB Net ID and Password that was created for a Campus Development Team.manage UCSB Service Accounts that I create through the Developer Portal. | | Status |
|---|
| |
|---|
| colour | Yellow |
|---|
| title | nice to have |
|---|
|
| - If Service Accounts can be created through the Developer Portal ...
- Creation
- There should be a way to designate the
ucsbNetId of the Service Account - There should be a way to designate the
password of the Service Account - Apigee generates a
client_id and client_secret for every application registered with it. It would be possible to use those values. But, those values are not human friendly.- It would be preferable to have human friendly names for looking through audit logs
- Deletion
- When removing the application from there should be a way to remove the Service Account from the Campus IdM system at the same time.
- This should be the default option.
- Updating
- This should be handled by a Campus IdM solution ...
- But, if it's more convenient within the Developer Portal then these values might be possible candidates for update:
- Service Account Name (assuming ucsbCampusId is the unique identifier in Campus IdM, and apigeeClientId is the unique identifier in Apigee)
- Service Account Password
- Service Account Description
- Service Account Url
|
| SSO Enabled Individual Account Login
(Proof-of-Concept Work) | As an Application Developer, I would like to sign in using my UCSB Net ID and password in order to do Proof of Concept work. | | Status |
|---|
| |
|---|
| colour | Green |
|---|
| title | must have |
|---|
|
| This is an edge case, not the main use case. - During account creation, the UcsbCampusId will be stored in Apigee as the foreign key.
- These are intended for Developers to do Proof of Concept work and generally try things out.
|
| SSO Enabled Campus Team Accounts
| As an Application Developer, I need the Campus to have the ability to create Team Accounts for my Development Team | | Status |
|---|
| |
|---|
| colour | YellowGreen |
|---|
| title | nice to must have |
|---|
|
| This would require Just noting that we would like for the Campus IdM Team to implement "Group/Team Accounts" that would have UCSB Net ID's and Passwords.System to support Team Accounts - They must have UCSB Net IDs and Passwords that can be Authenticated through CAS (OAuth would work too)
- These would be used as Apigee Developer Accounts
|
| SSO Enabled Team Account Login
| As an Application Developer, I would like to sign in using my Teams UCSB Net ID and password in order to work on our Applications. | | Status |
|---|
| |
|---|
| colour | Green |
|---|
| title | must have |
|---|
|
| Same as the SSO Enabled Individual Account Login (Proof-of-Concept Work) story, but logging in using the Campus IdM Team Account. |
| SSO Enabled Register Application
(Campus Service Account)
| As an Application Developer, I would like to Register an Application with a UCSB Net ID Service Account which will belong to the Campus Developer Team. | | Status |
|---|
| |
|---|
| colour | BlueGreen |
|---|
| title | IDM Teamsmust have |
|---|
|
| Same as the Register Application (Campus Service Account) story, but associated with a Team instead of an Individual.
|
| Individual Accounts
| nice to have | As an Application Developer, I would like the Developer Portal to know what teams I belong to. | | | Campus IdM Team to implement "Group/Team Accounts" that would have UCSB Net ID's and Passwords.Apigee Product Suite to implement a Teams functionality. - Apigee would need to rearchitect their component model to have Teams.
- A developer would belong to one or more Teams.
|
| Apigee
| Status |
|---|
| |
|---|
| colour | Yellow |
|---|
| title | APIgee TEAMS |
|---|
|
| As an Application Developer, I would like to sign into the Developer Portal using my UCSB Net ID and Password. | | Yellow | | Status |
|---|
| colour | Yellow |
|---|
| title | nice to have |
|---|
| title |
|---|
|
| API TEAMS | | This would require the Apigee Product Suite to implement a Teams functionality. | Status |
|---|
| |
|---|
| colour | Yellow |
|---|
| title | APIgee TEAMS |
|---|
|
- Apigee would need to rearchitect their component model to have Teams.
- A developer would belong to one or more
|
| Register Application
(Campus Service Account)
| Status |
|---|
| |
|---|
| colour | Yellow |
|---|
| title | API TEAMSAPIgee TEAMS |
|---|
|
| As an Application Developer, I would like to Register an Application using a UCSB Service Account with a Development Team. | | Yellow | nice to have | This would require the Apigee Product Suite to implement a Teams functionality. | As an Application Developer, I would like to Register an Application with a UCSB Net ID Service Account with a Development Team. | | Status |
|---|
|
| colour | Yellow |
|---|
title | API TEAMS| Status |
|---|
| |
|---|
| colour | Yellow |
|---|
| title | APIgee TEAMS |
|---|
|
- This would be the same as the Register Application (Campus Service Account) story above, but you would also designate the Team of ownership at the time of registration.
| Third Party Company Account | As a Third Party Company, if a department requires I use the Campus API Gateway to retrieve data then I need to be able to create an account within the Developer Portal. | | Yellow | nice to | This would require the Apigee Product Suite to implement a Teams functionality- Ideally, the Third Party Company would be able to register a Team Account in Campus IdM. Then it's the same as the SSO Enabled Team Account Login story.
|
