deft/notes/cisco_org_level_entities.org

:PROPERTIES:
:ID:       b30f9e63-e655-40e6-9a58-5a390a7921bb
:END:
#+TITLE: Cisco: Org Level OAuth2 Clients
#+Author: Yann Esposito
#+Date: [2022-05-02]
- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
- source ::


* Org Level Clients

Goal of the epic:

The goal of this Epic is to handle the case where the creator of a client
leave the company.
We still wish to keep the client working.

In the current schema of a client in IROH the field ~owner-id~ is optional.
So it seems natural to just provide a mechanism such that if this field
does not exists, then the client is considered to be an org-level client.

What does this mean:

1. Every admin of the org should be able to see and edit the client
2. During the creation of the client we should add an option such that we
   know this client is an org-level client

Looking at the code, it means that we should just change the
~iroh-auth.oauth2-client-service.core/accessible-for?~ function

** Security concerns

The client secret is only known by its owner when delivered.
Then this secret should also be used by the client code.
So other people working with the client's owner should probably be able to
get that password.
But when the owner leave the company, knowing the secret might have some
security concern.
So ideally, the client secret should be updated on both end (inside IROH
and in the Client program).

Actionable: Add a change client secret endpoint.
notes/cisco_org_level_entities.org 2022-05-02 15:10:18 +00:00			`:PROPERTIES:`
			`:ID: b30f9e63-e655-40e6-9a58-5a390a7921bb`
			`:END:`
notes/cisco_org_level_entities.org 2022-05-02 15:20:37 +00:00			`#+TITLE: Cisco: Org Level OAuth2 Clients`
notes/cisco_org_level_entities.org 2022-05-02 15:10:18 +00:00			`#+Author: Yann Esposito`
			`#+Date: [2022-05-02]`
			`- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]`
			`- source ::`
notes/cisco_org_level_entities.org 2022-05-02 15:12:03 +00:00


notes/cisco_org_level_entities.org 2022-05-02 15:20:37 +00:00			`* Org Level Clients`
notes/cisco_org_level_entities.org 2022-05-02 15:13:33 +00:00
			`Goal of the epic:`

			`The goal of this Epic is to handle the case where the creator of a client`
			`leave the company.`
			`We still wish to keep the client working.`
notes/cisco_org_level_entities.org 2022-05-02 15:16:11 +00:00
notes/cisco_org_level_entities.org 2022-05-02 15:21:47 +00:00			`In the current schema of a client in IROH the field ~owner-id~ is optional.`
notes/cisco_org_level_entities.org 2022-05-02 15:22:55 +00:00			`So it seems natural to just provide a mechanism such that if this field`
			`does not exists, then the client is considered to be an org-level client.`

			`What does this mean:`

			`1. Every admin of the org should be able to see and edit the client`
notes/cisco_org_level_entities.org 2022-05-02 15:24:04 +00:00			`2. During the creation of the client we should add an option such that we`
			`know this client is an org-level client`
notes/cisco_org_level_entities.org 2022-05-02 15:20:37 +00:00
notes/cisco_org_level_entities.org 2022-05-02 15:25:09 +00:00			`Looking at the code, it means that we should just change the`
			`~iroh-auth.oauth2-client-service.core/accessible-for?~ function`
notes/cisco_org_level_entities.org 2022-05-02 15:26:10 +00:00
notes/cisco_org_level_entities.org 2022-05-02 15:24:04 +00:00			`** Security concerns`
notes/cisco_org_level_entities.org 2022-05-02 15:16:11 +00:00
notes/cisco_org_level_entities.org 2022-05-02 15:24:04 +00:00			`The client secret is only known by its owner when delivered.`
			`Then this secret should also be used by the client code.`
			`So other people working with the client's owner should probably be able to`
			`get that password.`
			`But when the owner leave the company, knowing the secret might have some`
			`security concern.`
			`So ideally, the client secret should be updated on both end (inside IROH`
			`and in the Client program).`
notes/cisco_org_level_entities.org 2022-05-02 15:16:11 +00:00
notes/cisco_org_level_entities.org 2022-05-02 15:24:04 +00:00			`Actionable: Add a change client secret endpoint.`