Add endpoint for generating and deleting permanent token(s) for user using an LS AAI token.
The token can either be stored in the user collection, or a new collection can be made to store it. The token should not be able to be read after it is generated (e.g. if it's in the user collection, it must be purged from the user read query).
Request for comments: maximum number of tokens (e.g. one token), or no limit? If more than one token can be generated, then there should be an option to give the token a name, so that it can be identified for deletion.
Testing
Generate a token using an LS AAI token
Use a restricted endpoint with the token
Delete the token
Acceptance Criteria
The token should be able to be used in place of an LS AAI token, e.g. a Bearer token.
Proposed solution
Add endpoint for generating and deleting permanent token(s) for user using an LS AAI token.
The token can either be stored in the user collection, or a new collection can be made to store it. The token should not be able to be read after it is generated (e.g. if it's in the user collection, it must be purged from the user read query).
Request for comments: maximum number of tokens (e.g. one token), or no limit? If more than one token can be generated, then there should be an option to give the token a name, so that it can be identified for deletion.
Testing
Acceptance Criteria
The token should be able to be used in place of an LS AAI token, e.g. a Bearer token.