deft/notes/cisco_org_level_entities.org

:PROPERTIES:
:ID:       b30f9e63-e655-40e6-9a58-5a390a7921bb
:END:
#+TITLE: Cisco: Org Level OAuth2 Clients
#+Author: Yann Esposito
#+Date: [2022-05-02]
- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
- source ::



* Org Level Clients

Goal of the epic:

The goal of this Epic is to handle the case where the creator of a client
leave the company.
We still wish to keep the client working.

In the current schema of a client in IROH the field ~owner-id~ is optional.
So it seems natural to just provide a mechanism such that if this field
does not exists, then the client is considered to be an org-level client.
By doing so, it will ensure all the checks will not take care of the
owner's state.
Typically if the owner is disabled or removed from the org.

What does this mean:

1. Every admin of the org should be able to see and edit the client
2. During the creation of the client we should add an option such that we
   know this client is an org-level client

Looking at the code, it means that we should just change the
~iroh-auth.oauth2-client-service.core/accessible-for?~ function.

We should probably add a new optional field to ease both the creation and
the search of org-level clients.

I propose to add an optional ~org-level?~ field.
If true during the creation then we should not set the ~owner-id~ field in
the client.
Also for every client without any ~owner-id~ we should probably set this
~org-level?~.

** Security concerns

While not mandatory, handling an ownership change should mean we would like
to provide a way to change the client secret.
So we should provide a *Client Secret Reset* mechanism.
Probably a single POST endpoint that would generate a new password.