CDCgov / prime-reportstream

ReportStream is a public intermediary tool for delivery of data between different parts of the healthcare ecosystem.
https://reportstream.cdc.gov
Creative Commons Zero v1.0 Universal

Authorization strategy and implementation for submissions endpoint #15801

Closed jalbinson closed 1 month ago

jalbinson commented 2 months ago

User Story

As a sender onboarded to ReportStream, I want to be authorized to hit the submissions endpoint

Description/Use Case

We want to only allow authorized senders to hit the submissions endpoint.

Risks/Impacts/Considerations

A nefarious user could submit false reports which could skew public health data.

Dev Notes

Acceptance Criteria

Andrey-Glazkv commented 2 months ago

Hey team! Please add your planning poker estimate with Zenhub @adegolier @arnejduranovic @brick-green @david-navapbc @jack-h-wang @jalbinson @JFisk42 @mkalish @thetaurean

dylansmith-Nava commented 2 months ago

Linking some of the prior research here:

The general understanding of the research was that verification by Okta to securely log into and use the RS platform =/= "you are who you say you are". That is, you could be verified by Okta but still be a shady organization that we know nothing about. To really know whether an organization is or isn't nefarious, we'd need a level of Identity Proofing which we don't have yet.

So it's important to point out that this ticket would NOT mitigate or reduce the only stated risk.

jalbinson commented 1 month ago

Decisions made in this ticket are documented in the UP SRD under "Authorization Service Software Requirements".

arnejduranovic commented 1 month ago

The SRD this ticket updated will be implemented here: https://github.com/CDCgov/prime-reportstream/issues/14601