Manage user identities and access tokens
-
Users can register in the custodian through a secure interface ( html page, or rest or manually) -
Users obtain an authentication token, which they can use to sign consents etc. -
Implement consent management to allow users to write/read data -
Users can sign consentfor mobile app, which returns a temporary application access token that uniquely identify that user for that applicationmoved to #24 (closed). -
Adapt end-points so that users can be identified and write or read data if consents authorizemove to data ingest command handlers and PDP. -
Automate PDP or access control/event handler filters (PEP) reconfiguration from consentmoved to #24 (closed).
With provision for future improvement:
-
Develop gateway (traefik, ngnix, or go from scratch) that validate the access token in rest API calls before routing to end-points (#7 (closed))
Edited by erbou