search

OpenLiberty / docs

See Open Liberty documentation on https://openliberty.io/docs/
https://openliberty.io/docs/
Other
13 stars 47 forks source link

(sec-29) need to document new OpenId Connect Provider capabilities #330

Open brutif opened 5 years ago

brutif commented 5 years ago

The OpenIdConnectProvider feature has some new capabilities added that we need to document at openliberty.io/docs. Draft content is at https://github.com/brutif/app-password-app-token-docs .

NottyCode commented 5 years ago

Please do not add links from github.com to private internal git repositories that are unreadable unless you are an IBM employee. Please provide a full and complete description and comment on what this is for.

lauracowen commented 5 years ago

@brutif (as Alasdair says - please move the proposed topics to public GitHub and update the links above) For the new topics you've proposed, can you give concrete examples of what the developer might be trying to achieve by following the documentation so that there is context? For example, no one will configure and use an OpenId Connect Provider to use application passwords for the sake of it. There must be a bigger purpose for the developer to even care about OpenID Connect and application passwords in the first place. Take the scenario used in the Open Liberty guides of retrieving system properties (eg in https://openliberty.io/guides/rest-intro.html and https://openliberty.io/guides/microprofile-rest-client.html) or the music database scenario used in REST clients doc and show where this aspect of security fits.

In the OL docs, we need to show how the capability supports developing and deploying cloud-native microservices and, in general, show its relevance to developers so that they understand why and when to use it.

brutif commented 5 years ago

Draft documentation is now here https://github.com/brutif/app-password-app-token-docs

brutif commented 5 years ago

a blog entry for this content is here https://github.com/OpenLiberty/open-liberty/issues/8453

lauracowen commented 5 years ago

@brutif Wasn't this completed in 19.0.0.9? see https://openliberty.io/blog/2019/09/13/microprofile-reactive-messaging-19009.html#oidc

brutif commented 5 years ago

Hi @lauracowen https://github.com/brutif/app-password-app-token-docs is the draft content for openliberty.io/docs. It includes the usage of the REST endpoints which was not mentioned in the blog.

lauracowen commented 5 years ago

Oh, sorry. I was getting issues mixed up - this is for the docs, not the blog post. Ok, thx

dmuelle commented 4 years ago

The endpoints in this issue are intended to be used through the admin center UI, which is not currently available for OL