This change adds an Auth0 client for the staging and production tenants. This is required in order to allow the IIIF Image APIs to authenticate and authorize users to view restricted images.
This change creates secrets in the Digirati AWS account that can be consumed to configure the Image API service at the paths:
What does this change?
This change adds an Auth0 client for the staging and production tenants. This is required in order to allow the IIIF Image APIs to authenticate and authorize users to view restricted images.
This change creates secrets in the Digirati AWS account that can be consumed to configure the Image API service at the paths:
wellcome/identity/[stage|prod]/iiif_image_api/auth0_client_id
wellcome/identity/[stage|prod]/iiif_image_api/auth0_client_secret
Related to: https://github.com/wellcomecollection/identity/pull/403
Part of: https://github.com/wellcomecollection/platform/issues/5747
terraform plan
How to test
The Digirati test client should allow users to sign-in without error: https://tomcrane.github.io/iiif-auth-client/?manifest=https://iiif.wellcomecollection.org/presentation/b20146267
How can we measure success?
Users for the Wellcome Collection with the appropriate roles can view restricted images.
Have we considered potential risks?
We must be careful that this change does not modify or delete any existing resources! The terraform apply indicates this is not the case.