Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Project Title
Target Release
Epic
Document Status
DRAFT
Document Owner

Document Sign-Off
Subject Matter Expert(s)
Technical Expert(s)

Background & Business Value

This is the same use case as Usage: Application to Campus API Gateway Requirements, except that the Browser (instead of the Web Application Server) will be making calls directly to the API Gateway. As such, this means that the Web App Authentication/Access Token will need to be available within the browser. This is a security risk as browsers are insecure endpoints. The Campus API Gateway team would not suggest using this scenario and would alternatively suggest using the scenario described in Usage: Application to Campus API Gateway Requirements. However, if the risk is acceptable to your application, then ...

Goals

Out of Scope

Assumptions

Requirements

Must meet all requirements of Usage: Application to Campus API Gateway Requirements

Ticket(s)TitleUser StoryPriorityNotes

Access Tokens used in BrowserAs an Application Developer, the authentication/access tokens generated by the authentication system will need to be used from the browser.MUST HAVE





User Interaction, Design & Architecture

Please refer to Usage: Application to Campus API Gateway Requirements for a comparison with the standard use case.

Service Architecture for OAuth Token (PowerPoint)



Sequence Diagram for OAuth Token (WebSequenceDiagrams Link)



Service Architecture for OAuth JWT (PowerPoint)



Sequence Diagram for OAuth JWT (WebSequenceDiagrams Link)



Examples and References

Same as Usage: Application to Campus API Gateway Requirements

Questions

Below is a list of questions to be addressed as a result of this requirements document:

QuestionOutcomeDecision Date
  • No labels