search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
741 stars 719 forks source link

Add Action Management REST API #20748

Open ashanthamara opened 1 month ago

ashanthamara commented 1 month ago

Description

Implement management REST APIs for Action configurations.

Sub Task Issue for: https://github.com/wso2/product-is/issues/20747

API definition:

https://app.swaggerhub.com/apis/ASHANTEST02/actions/1.0.0

image
ashanthamara commented 1 month ago

Initial PRs:

ashanthamara commented 3 weeks ago

Integration of Secret Management to Action Management Component

With the introduction of the new Action Management component, we are storing the secrets of the external endpoints in our system. Since we have a Saas offering it's a must to ensure that the secrets are properly encrypted before adding them to the database which is also comes as a requirement in the SOC compliance. So we need to improve the action-mgt component to store the secrets using the secret-mgt component.

Following authentication properties are considered as secrets.

  1. Basic Authentication
    • username: secret
    • password: secret
  2. Bearer Authentication
    • accessToken: secret
  3. API key Authentication
    • header: non-secret
    • value: secret

Related PRs:

ashanthamara commented 3 weeks ago

Change PATCH endpoint to update the full action including minor bug fixes:

ashanthamara commented 3 weeks ago

Updated APIs

https://app.swaggerhub.com/apis/ASHANTEST02/actions/1.0.0

image