Open murdo-moj opened 8 months ago
Initial hypothesis:
=> We will use Azure Active Directory to authenticate and identify users
Cons:
=> We will use a third party / custom built middleware solution for authorisation - i.e. user groups and roles within the data platform
There may be more discussion to be had around selecting this solution, although let's try Auth0 first as it's not a custom build from scratch and some team members are already familiar with it.
As @julialawrence points out, Auth0 is configurable with Terraform.
Cons:
User Story
As a user and platform developer I need/want/expect to have an identity service which works for our use case So that
Value / Purpose
Do we want to use Azure AD? Do we want to use OAuth? Do we need some middleware which maps an authenticated user to levels of access to data products?
e.g. Murdo is authenticated with Azure AD by the control panel. Control panel requests Murdo's data access levels.
Useful Contacts
No response
User Types
All users
Hypothesis
Proposal
AAD + Auth0. (more)
Additional Information
No response
Definition of Done