api-services-portal icon indicating copy to clipboard operation
api-services-portal copied to clipboard

Published 20 hours ago verified publisher icon bcgov

Test 'Kong ACL only' authorization flow

Open nirajCITZ opened this issue 3 years ago • 1 comments

Kong ACL only is currently used by a client that uses Siteminder to login. Other branch services also use it. This is valuable to include in the automation tests.

nirajCITZ avatar Jan 20 '22 06:01 nirajCITZ

As per discussion with Aidan, Kong ACL flow is applicable to SSO where user sign in with SIteMinder and based on user group on SSO Identity Management, Kong allow the user to allow or deny the service access. In APS we uses API and Client Credentials as Authentication and uses Keycloak as Identity management, Kong ACL only would not be applicable. Even Siteminder would be rid off eventually moving to Keycloak

nirajCITZ avatar Mar 15 '23 16:03 nirajCITZ