
DPL-406 Research API v2 authentication, user authentication and authorisation

Open harrietc52 opened this issue 2 years ago • 2 comments

Description

Generalised architectural plan for API authentication, user authentication and authorisation

Consider:

  • users via browser
  • users via intermediate applications (e.g. Limber UI talking to SS backend)
  • internal calls
  • platform independent (Ruby/Python/JS/Vue)

Who the primary contacts are for this work: @harrietc52 @JamesGlover

Knowledge or Stakeholders

Might be worth having a day committed to learning, where everyone can research different approaches, possibly a Wednesday? On-site activity. Could we get an expert in?

Additional context or information

Research task required for https://github.com/sanger/deployment/issues/128

harrietc52, Jun 07 '22 10:06

Things to consider:

  1. We may have different levels of confidence in a user's session (e.g. swipecard vs 2-factor)
  2. Consider shared computers, session length and friction
  3. Shared architecture, but shouldn't imply centralised system - although that could be worth considering.

JamesGlover, Jun 07 '22 10:06

Worth considering if we can backport the solution to, say, API V1 without breaking existing authorization

JamesGlover, Jun 07 '22 10:06