YvanMOJdigital
commented
11 months ago make sure to check in with appsandtools
Open PriyaBasker23 opened 11 months ago
YvanMOJdigital
commented
11 months ago make sure to check in with appsandtools
PriyaBasker23
commented
11 months ago Spoke to Julia and this is the agreed plan @YvanMOJdigital @julialawrence
User Story
As a data producer / controller I want to securely register data product and upload data
Value / Purpose
The existing authentication functionality relies on a single token verification within the Lambda authorizer. This setup lacks robust security since it doesn't allow us to track the user who uploaded data using a presigned URL.
To address this, we are initiating a spike to explore the integration of Azure AD with the API Gateway for the purpose of forwarding JWT tokens.
Hypothesis
We plan to implement user authentication by utilizing Azure AD in conjunction with the API Gateway.
Checklist
[ ] Please follow the guidelines outlined in the article at https://awskarthik82.medium.com/how-to integrate-azuread-b2c-with-aws-api-gateway-jwt-authorizer-26d7534399a.
[ ] Utilise the RestAPI and create a custom authorizer since a JWT authorizer is not an option for REST API.
[ ] The focus of this ticket is solely on authenticating users. The permission model is outside the scope of this task.
[ ] Build temporary localhost client page for App reg
[ ] If you don't have permission to reg apps in Azure Ad, please get help ( @jemnery )
Definition of Done