Epic Link | Key | Summary | T | Assignee | P | story points | Status | Resolution | Linked Issues | Sub-Tasks |
---|---|---|---|---|---|---|---|---|---|---|
IAM: Auth bank user in BOFE | SM-1855 | Authorize an action in Back Office bank system | Tadeáš Ursíny | 0.0 | Done | Done | SM-3602 , SM-2362 |
Review status: in preparation/ready to review/approved
As a BOFE System I want to fetch Bank User data to use it for the authorization decision.
Role: BOFE System
Objective: Get Bank User data for authorization decision.
Reason:
Team/group membership info will be used to handle permissions of Bank User. A team/group membership can limit what the Bank User can see and what actions they can take.
BOFE owns the authorization business logic, which is based on user data (e.g. group membership).
Functional requirements:
BOFE interface should be a REST endpoint
UI requirements:
Process flow: n/a
Execution steps: n/a
Internal dependencies:
External dependencies:
Alternative scenarios: n/a
Acceptance criteria:
The logged-in user's user ID and group membership should be part of the token.
The following endpoints are available:
- get the name, email, group membership based on user ID
- get all the checkers for a user based on user ID
- logout: execute logout in OKTA
Simple documentation is available at "IAM for Back Office (Technical)" describing the above with technical details accepted by the back office team.
Links to wireframes/UI: