Ticket(s) | Title | User Story | Priority | Notes |
---|
| Requests API access. | As a Developer, I need a way to request access to APIs for my Apps. | Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - This functionality is provided by the developer portal. After a user creates an application, they can request access to API(s) by selecting the API link initially, or by selecting Edit <API name> to add more APIs.
|
| Notify developers on API approval | As a developer I would like to receive notification on API approval for automatic and for manual approvals.
| Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - Public APIs are approved automatically.
- Other APIs are approved at a later time and the user is not notified by the system.
- Requesting access to APIs that require approval put the application in Pending mode.
|
| Notify developer on the process to get access | The system should notify the developer in an email of the process to follow after they submit a request to use APis that require access. | Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - The monitoring service sends an email that an application has requested access to an API (that isn't auto-approved). It happens at 1 am.
- Add a notification to the developer as well with a link on how to request access. How to do?
|
| System display a link to documentation on how to submit access request form | The system should display a link to documentation on how to submit an access request form. | Status |
---|
colour | Yellow |
---|
title | nice to have |
---|
|
| - In addition to an email, the website should have a link to the steps to follow to submit access request.
- Display either on the Keys tab, or APIs tab
|
| Submit access approval documentation | As a developer I need to submit required documentation to have my API access approved. | Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - Current process is to fill
- Fill in a word document and email it to a person in the registrar office.
- Box link to the word document: https://ucsb.box.com/s/bm6y5dy68ng1pof8e6z804e4oj8vil2e
- A problem is that the approval is in email only.
- Box folder is not available to the entire campus, so a person has to email them the document.
- Proposed:
- Developer submits a form (content) in Drupal that starts the workflow process.
- The form will contain the fields in the word document
.
| Approver - linked above.
- The form will include the submitting developer contact information.
- The developer will not fill in the gateway admin, or business approver. These will be filled in by the gateway admin after submission.
- The form will include the list of API products requested.
- An email to support@developer.ucsb.edu will be generated as a first step in the workflow.
- A Gateway Admin will assign the document to themselves and fill in the gateway admin and business approver contacts.
|
| Business approver to approve or deny API access | As a business owner of the data and an API approver I want to be able to record my Api notified of a pending approval. I want to review the information submitted, contact the developer if I have questions, request changes, and record my API approval or denial. | Status |
---|
colour | Green |
---|
title | must have |
---|
| Gateway admin receive notification to approve APIs | - People in the Business Approver role can perform this action.
- The business approver listed in the form is notified of a pending request via email. Email is sent to a personal email and to a generic email account. Email includes a link to the form in the portal, a contact information for the request (developer), and the assigned gateway admin.
- Business approver logs into Apigee and approves or denies the request.
- Business approver can go back and forth with the developer to get additional information and to request that certain APIs are added or removed from the Application.
- Business approver sets the step in the workflow to move it to the next step.
|
| Admins to receive notification of a new API request form submission | Once a developer submits the form request, an email will be sent to support@developer.ucsb.edu. One of the API administrators will fill in the gateway administrator and a business approver in the form.
| Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - People in the API Administrator role can perform this action.
- API admins receive an email once a day of a new API request that needs approval. This is done with the scheduled job at 1am and it is sent to support@developer.ucsb.edu.
- API Admin can get the business approver email and generic email account from a list of APIs.
|
| Gateway admin to approve or deny API access | After the business approver approves the API product access, the gateway admin is notified to review the request and approve the API product request. | Status |
---|
colour | Green |
---|
title | must have |
---|
| Gateway admin to have | - API Admin reviews the data in the form.
- API Admin makes sure that the list of APIs that were approved in the form is the same as the list of APIs requested in the application.
- API admin grants access to the requested APIs.
|
| Provide easy access to application contact info and other information | As a developer, business approver and API admin and gateway admin I would like to see a list of applications and get contact information and other. | Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - create a page that lists all application requests and approvals.
- Make the page available to business approvers and API admins.
- Make the documents visible to their owners.
- How will it work with the teams feature? Can the entire team see a document that a teammate has submitted?
|
| Allow for access request to APis approved by different departments. | As a developer I want to make one request for all APIs needed, regardless of who the approving department is. As an API approver I would like to have a way to approve API requests even if there are multiple approvers involved. | Status |
---|
colour | Green |
---|
title | must have |
---|
|
| - Allow for multiple business apprvers to approve the APi access request, in case the APIs are provided by multiple departments and require separate approval.
- Gateway admin can facilitate these by setting the workflow in the appropriate state.
- Can add additional fields for additional business approvers, or GA can email them.
|