You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ColdFront API already supports authentication via OAuth (NERC Keycloak), so it can work with a user's own account.
In the current state of our API, only administrators can manage user/group memberships (staff flag in ColdFront,) and the user registration script supports authentication only using client credentials.
We should allow PIs and managers to issue API requests with their OAuth token to manage a project are PI or have the manager role on.
(Optionally, Investigate) Another advantage for implementing assignment of users to a project through the SCIM v2 API is to also to allow the possibility of universities to integrate their own tooling into the SCIM API. There is a myriad of tools already providing support for provisioning of users and group memberships into a SCIM API as listed here http://simplecloud.info and I would bet that a lot of the university and partner organizations are already making use of SCIM already for provisioning Google Workspace, Office 365, etc.
The text was updated successfully, but these errors were encountered:
The ColdFront API already supports authentication via OAuth (NERC Keycloak), so it can work with a user's own account.
In the current state of our API, only administrators can manage user/group memberships (
staffflag in ColdFront,) and the user registration script supports authentication only using client credentials.We should allow PIs and managers to issue API requests with their OAuth token to manage a project are PI or have the manager role on.
(Optionally, Investigate) Another advantage for implementing assignment of users to a project through the SCIM v2 API is to also to allow the possibility of universities to integrate their own tooling into the SCIM API. There is a myriad of tools already providing support for provisioning of users and group memberships into a SCIM API as listed here http://simplecloud.info and I would bet that a lot of the university and partner organizations are already making use of SCIM already for provisioning Google Workspace, Office 365, etc.
The text was updated successfully, but these errors were encountered: