Open TheTechArch opened 2 years ago
@TheTechArch - er denne US fortsatt aktuell eller kan den arkiveres?
@TheTechArch - kan vi lukke denne?
@TheTechArch - er denne fortsatt aktuell? Evt fikset i https://github.com/Altinn/altinn-authorization/issues/448?
Description
Currently, Altinn 3 PDP only supports XACML Policies created for Apps. The PRP (Policy Retrieval Point) expects that any PDP request to this component contains an org + app.
We need to add support for generic authorization resources.
Considerations
Resource IDentifications
We need to define a fixed id that should be used to identify the policy
Example authzresource
Do we need that the resource belongs to an org? That would be a limitation
Resource Metadata
To delegate, we need to be able to add metadata about the resources.
Registering of Resources.
We need a new API that allows the registration of resources. The main resource needs to be unique and the organization registration will own that resource forever.
Development task