Most integration-service components are expected to run in the avni cloud, hence need to connect to Cognito. However, some of them could potentially be installed outside the Avni cloud in on-premise servers. eg: Amrit.
In such instances, it will be good to choose between Cognito and Keycloak. While details of Idp will be provided through the GET /idp-details call, choosing the right Idp will be a configuration on the job.
As an implementer, I should be able to configure
Acceptance criteria
When Idp provider is set up as Cognito for a specific job, the integration service should connect to Cognito
When Idp provider is set up as Keycloak for a specific job, integration-service should connect to Keycloak
Testing notes
Ensure Keycloak server is on while testing
Dev help might be required for testing this story
Technical tasks
Handle capability to configure integration to choose between Cognito and Keycloak as the IDP for a specific organisation's integration
Generate Access token for the "Keycloak as IDP" organisation's user using the "idp-details" call to fetch Keycloak info
Handle Error case scenarios related to token generation and refresh for the "Keycloak as IDP" organisation's user
vinayvenu
commented
1 year ago
Story
Most integration-service components are expected to run in the avni cloud, hence need to connect to Cognito. However, some of them could potentially be installed outside the Avni cloud in on-premise servers. eg: Amrit.
In such instances, it will be good to choose between Cognito and Keycloak. While details of Idp will be provided through the
GET /idp-detailscall, choosing the right Idp will be a configuration on the job.As an implementer, I should be able to configure
Acceptance criteria
Testing notes
Technical tasks
Postman collection and environment for Keycloak API to generate token is available at (Internally shared link) https://drive.google.com/drive/folders/1Gc6JuTc1I7psGxRqFXKS98NRJqxphJ4M?usp=share_link
Acceptance criteria