As a developer,
I want to secure the /irs/job/callback endpoint,
so that the IRS system can validate that the requests to this endpoint are authenticated and acceptable.
Hints / Details
Currently, in IRS, there is no mechanism for authentication for the /irs/job/callback endpoint.
It would be beneficial to work with a key within the jobRegistration.
This key could be transferred to the /irs/job/callback address and validated to ensure that the request is acceptable.
Acceptance Criteria
A key mechanism is implemented within the jobRegistration.
The key is transferred securely to the /irs/job/callback endpoint.
The /irs/job/callback endpoint validates the key to ensure that the request is acceptable.
Only authenticated requests are processed by the /irs/job/callback endpoint.
Out of Scope
Changes to other endpoints not related to /irs/job/callback.
Implementation of additional authentication mechanisms outside the key-based validation.
As a developer, I want to secure the
/irs/job/callbackendpoint, so that the IRS system can validate that the requests to this endpoint are authenticated and acceptable.Hints / Details
/irs/job/callbackendpoint.jobRegistration./irs/job/callbackaddress and validated to ensure that the request is acceptable.Acceptance Criteria
jobRegistration./irs/job/callbackendpoint./irs/job/callbackendpoint validates the key to ensure that the request is acceptable./irs/job/callbackendpoint.Out of Scope
/irs/job/callback.