Closed pchainho closed 8 years ago
Updated user identity registration to be aligned with d4.1
@KCorre @ingofriese @Ricardo-Chaves could you have a look at: https://github.com/reTHINK-project/core-framework/blob/master/docs/specs/runtime/dynamic-view/identity-management/user-registration.md
I've also added two functions in the IdModule API to handle these procedures: https://github.com/reTHINK-project/core-framework/blob/master/docs/specs/runtime/runtime-apis.md#registeridentity
what do you think?
Hi Paulo, in step10, is it possible to have more insights about the returned tokens ? regards Ahmed
Hi Ahmed
I left it open but according to D4.1 they should be ID Token, Access Token and refresh Tokens
In the meanwhile I've also updated and completed the domain login procedures: https://github.com/reTHINK-project/core-framework/blob/master/docs/specs/runtime/dynamic-view/identity-management/domain-login.md
Hi Paulo,
(domain-login) looks OK, but shouldn't steps 8 and 9 go through the MsgBUS?
from which diagram?
in the last one step 8 is the token insertion in the msg and step 9 returns the authorised msg. this is performed by the Core Policy Engine located in the core runtime
Hi Paulo, In Step 1 I would replace "IdP URL and the IdP user identifier" by "IdP URL and the Id token" to match the diagram. Maybe suppress the comment about the process of identity creation, as it is not said which identity (for example the creation of GUID do is in the scope, can it be considered an identity?).
Done Simon I've also changed step 4 to keep it consistent, thx :)
https://github.com/reTHINK-project/core-framework/blob/master/docs/specs/runtime/dynamic-view/identity-management/domain-login.md
https://github.com/reTHINK-project/core-framework/blob/master/docs/specs/runtime/dynamic-view/identity-management/user-registration.md