2022-05-02 15:10:18 +00:00
|
|
|
:PROPERTIES:
|
|
|
|
:ID: b30f9e63-e655-40e6-9a58-5a390a7921bb
|
|
|
|
:END:
|
|
|
|
#+TITLE: Cisco: Org Level Entities
|
|
|
|
#+Author: Yann Esposito
|
|
|
|
#+Date: [2022-05-02]
|
|
|
|
- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
|
|
|
|
- source ::
|
2022-05-02 15:12:03 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Org Level Clients (and Entities)
|
2022-05-02 15:13:33 +00:00
|
|
|
|
|
|
|
Goal of the epic:
|
|
|
|
|
|
|
|
The goal of this Epic is to handle the case where the creator of a client
|
|
|
|
leave the company.
|
|
|
|
We still wish to keep the client working.
|
2022-05-02 15:16:11 +00:00
|
|
|
|
|
|
|
So here are a few things to consider:
|
|
|
|
|
|
|
|
1. The client secret is only known by its owner when delivered.
|
|
|
|
Then this secret should also be used by the client code.
|
|
|
|
So other people working with the client's owner should probably be able
|
|
|
|
to get that password.
|
|
|
|
But when the owner leave the company, knowing the secret might have some
|
|
|
|
security concern. So ideally, the client secret should be updated on
|
|
|
|
both end (inside IROH and in the Client program).
|
|
|
|
|
|
|
|
Actionable: Add a change client secret endpoint.
|
|
|
|
2.
|