IdP Management

[jjeroch]

Summary

Restructure IdP management endpoints

As-Is GET /api/administration/identityprovider/owncompany/identityproviders

Functional Usage: used to display company IdPs

To-Be We need to differenciate between

• company connected IdPs
• company configuration IdPs (means those IdPs which the company can actually configure)

=> solution: add separate endpoints to validate the IdP types

Endpoint to receive SharedIdPs (GET /api/administration/identityprovider/shared)

• only for the operation company available

Endpoint to receive ownIdPs (GET /api/administration/identityprovider/owncompany/managedOwner)

• every company can access this endpoint; response: all managed IdPs (means type: Managed; owner: same company as acting user company ID)

additionally the following endpoints are useful

Endpoint to receive ownIdPs (GET /api/administration/identityprovider/owncompany/owned)

• every company can access this endpoint; response: all owned IdPs (means type: OWN; owner: same company as acting user company ID)

Endpoint to receive ownIdPs (GET /api/administration/identityprovider/owncompany/managedUser)

• every company can access this endpoint; response: all managed IdPs (means type: Managed; owner: same company as acting user company ID)

those are also covered by GET /api/administration/identityprovider/owncompany/identityproviders which provides the summarized response of those two endpoints.

[MaximilianHauer]

@oyo could you provide us an overview of the used places of the current API /api/administration/identityprovider/owncompany/identityproviders that we can define where to adjust what api