
Page Properties


Project Title: Access Request Workflow
Target Release:
Epic:
Document Status: DRAFT
Document Owner:
Document Sign-Off:
Subject Matter Expert(s):
Technical Expert(s): Ian Lessing (Unlicensed), Steven Maglio


Background & Business Value

...

  • The approval of APIs will be done by business users in most cases, such as the Registrar office. 
  • Other approvals might be done by technical managers at ETS, ARIT, etc.
  • API and API product are used interchangeably in this document. Developers can request access only to API products.
  • Roles:
    • API Admin - a user role in the portal that gives elevated access to manage the API and Application contents.
    • Business Approver - a user role in the portal that allows users to approve publishing and application access requests.
    • Developer - a user role in the portal assigned to every person creating an application and requesting access to API products.
    • Gateway Admin - a person that has admin rights in the Apigee gateway.
    • All gateway admins are also API admins in the developer portal.
    • Developer portal: developer.ucsb.edu

Out of Scope

Requirements

Approver
Ticket(s) | Title | User Story | Priority | Notes

Requests API access
User Story: As a Developer, I need a way to request access to APIs for my Apps.
Priority: must have
  • This functionality is provided by the developer portal. After a user creates an application, they can request access to API(s) by selecting the API link initially, or by selecting Edit <API name> to add more APIs.

Notify developers on API approval
User Story: As a developer, I would like to receive notification on API approval for automatic and for manual approvals.
Priority: must have
  • Public APIs are approved automatically.
  • Other APIs are approved at a later time and the user is not notified by the system.
  • Requesting access to APIs that require approval puts the application in Pending mode.

Notify developer on the process to get access
User Story: The system should notify the developer in an email of the process to follow after they submit a request to use APIs that require access.
Priority: must have
  • The monitoring service sends an email that an application has requested access to an API (that isn't auto-approved). It happens at 1 am.
  • Add a notification to the developer as well, with a link on how to request access. How should this be done?

System displays a link to documentation on how to submit the access request form
User Story: The system should display a link to documentation on how to submit an access request form.
Priority: nice to have
  • In addition to an email, the website should have a link to the steps to follow to submit an access request.
  • Display either on the Keys tab or the APIs tab.

Submit access approval documentation
User Story: As a developer, I need to submit required documentation to have my API access approved.
Priority: must have
  • Current process:
    • Fill in a Word document and email it to a person in the registrar office.
    • Box link to the Word document: https://ucsb.box.com/s/bm6y5dy68ng1pof8e6z804e4oj8vil2e
    • A problem is that the approval is in email only.
    • Box folder is not available to the entire campus, so a person has to email them the document.
  • Proposed:
    • Developer submits a form (content) in Drupal that starts the workflow process.
    • The form will contain the fields in the Word document linked above.
    • The form will include the submitting developer's contact information.
    • The developer will not fill in the gateway admin or business approver. These will be filled in by the gateway admin after submission.
    • The form will include the list of API products requested.
    • An email to support@developer.ucsb.edu will be generated as a first step in the workflow.
    • A Gateway Admin will assign the document to themselves and fill in the gateway admin and business approver contacts.

Business approver to approve or deny API access
User Story: As a business owner of the data and an API approver, I want to be notified of a pending approval. I want to review the information submitted, contact the developer if I have questions, request changes, and record my API approval or denial.
Priority: must have
Gateway admin receive notification to approve APIs
  • People in the Business Approver role can perform this action.
  • The business approver listed in the form is notified of a pending request via email. The email is sent to a personal email and to a generic email account. It includes a link to the form in the portal, contact information for the requester (developer), and the assigned gateway admin.
  • Business approver logs into Apigee and approves or denies the request.
  • Business approver can go back and forth with the developer to get additional information and to request that certain APIs are added or removed from the Application.
  • Business approver sets the step in the workflow to move it to the next step.

Admins to receive notification of a new API request form submission
User Story: Once a developer submits the form request, an email will be sent to support@developer.ucsb.edu. One of the API administrators will fill in the gateway administrator and a business approver in the form.
Priority: must have
  • People in the API Administrator role can perform this action.
  • API admins receive an email once a day of a new API request that needs approval. This is done with the scheduled job at 1am and it is sent to support@developer.ucsb.edu.
  • API Admin can get the business approver email and generic email account from a list of APIs. 

Gateway admin to approve or deny API access
User Story: After the business approver approves the API product access, the gateway admin is notified to review the request and approve the API product request.
Priority: must have
  • API Admin reviews the data in the form. 
  • API Admin makes sure that the list of APIs that were approved in the form is the same as the list of APIs requested in the application. 
  • API admin grants access to the requested APIs. 

Provide easy access to application contact info and other information
User Story: As a developer, business approver, API admin and gateway admin, I would like to see a list of applications and get contact information and other.
Priority: must have
  • Create a page that lists all application requests and approvals.
  • Make the page available to business approvers and API admins. 
  • Make the documents visible to their owners. 
  • How will it work with the teams feature? Can the entire team see a document that a teammate has submitted?

Allow for access requests to APIs approved by different departments
User Story: As a developer, I want to make one request for all APIs needed, regardless of who the approving department is. As an API approver, I would like to have a way to approve API requests even if there are multiple approvers involved.
Priority: must have
  • Allow for multiple business approvers to approve the API access request, in case the APIs are provided by multiple departments and require separate approval.
  • Gateway admin can facilitate these by setting the workflow in the appropriate state.
  • Can add additional fields for additional business approvers, or GA can email them.

User Interaction, Design & Architecture

...