-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EAM API: Add missing AppProvider #252
base: main
Are you sure you want to change the base?
Conversation
🦙 MegaLinter status: ✅ SUCCESS
See detailed report in MegaLinter reports |
@gainsley, for this API an ID parameter to identify an App Provider may not be useful as the API implements 3-Legs Token so the App Provider will be known by this method. |
Hi @javierlozallu, I'm not super-clear on what information will be in the authentication token, but typically a user can have permissions for multiple app providers (or all app providers, in the case of an admin). I would expect the auth token may provide for which data the user is allowed to access, but not which specific data (or AppProvider in this case) is being used in the context of the current API call. So I think the AppProvider field is still needed in the API call. Also tokens are typically valid for some time and can be used for multiple API calls before they expire, and the user may want to use different AppProviders for different API calls if they have permissions to do so, all while using the same auth token. |
@javierlozallu i think we still need to solve this - as Jon said the authentication does not solve for knowing the AppProvider: as defined in https://github.com/camaraproject/EdgeCloud/blob/main/documentation/SupportingDocuments/Edge%20terminology/edge_terminology.md the AppProvider is the entity owning the application backend (i.e. the "developer organization" or "ISV" if you will). So it's not an individual account but a logical entity to which multiple users can belong. It is necessary to add this to the model so it is clear to which AppProvider this belongs. A workload belongs to one AppProvider, but one AppProvider may be linked with multiple user accounts. |
What type of PR is this?
What this PR does / why we need it:
Adds the missing AppProvider to the AppManifest model.
Which issue(s) this PR fixes:
Fixes #251
Special notes for reviewers:
Changelog input
Additional documentation