From 790f1bf2ff05d4f4ea8b69f514e092092f43f1cd Mon Sep 17 00:00:00 2001 From: "Yann Esposito (Yogsototh)" Date: Tue, 29 Sep 2020 14:28:46 +0200 Subject: [PATCH] tracker.org --- tracker.org | 29 +++-------------------------- 1 file changed, 3 insertions(+), 26 deletions(-) diff --git a/tracker.org b/tracker.org index 9afe23a2..bdb35685 100644 --- a/tracker.org +++ b/tracker.org @@ -303,33 +303,10 @@ IROH-Auth currently work with 3 IdPs: - SxSO (Okta) SxSO is the only IdP from which we do not care about the =organization-id=. +So organization created through login via IDB AMP or IDB TG will be called +/managed orgs/. Mainly the IdP is responsible for the name of the =org-id=. -During the first login of a new user we can create a new org. -To support different protocols and login IdP we centralize the 3rd party -information about some user in a structure called =SessionTokenInfos=: - -#+BEGIN_SRC clojure -(s/defschema SessionTokenInfos - (st/open-schema - (st/merge - {:token-id s/Str - :user-id s/Str - :org-id s/Str} - (st/optional-keys - {:role s/Str - :scopes (s/either [s/Str] #{s/Str}) - :idp-id s/Str - :user-email s/Str - :user-nick s/Str - :org-name s/Str - :original-org-id s/Str - :original-user-id s/Str - :lifetime-in-sec s/Int - :max-clock-skew s/Int - :oidc-identity-token {:id_token s/Str - s/Keyword s/Any} - :saml-response s/Str})))) -#+END_SRC +For managed orgs, we create the org using the function =iroh-auth.iroh-auth-service.core/sync-user-org=. **** DONE back to work :work: :LOGBOOK: CLOCK: [2020-09-29 Tue 13:57]--[2020-09-29 Tue 14:04] => 0:07
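Review bot: The added sentence "So organization created through login via IDB AMP or IDB TG will be called /managed orgs/" defines managed orgs but leaves the SxSO case undefined, even though the context line just above it singles SxSO out as the IdP whose =organization-id= is ignored. Please say what an org reached through SxSO is called and how it is created. The new closing line, "For managed orgs, we create the org using the function =iroh-auth.iroh-auth-service.core/sync-user-org=", also drops the removed statement that org creation happens during the first login of a new user, so a reader can no longer tell when the function runs; suggest keeping that timing in the sentence. The removed =SessionTokenInfos= block listed the fields that carry IdP-supplied identity (=:org-id=, =:original-org-id=, =:idp-id=, =:org-name=). With it gone, "Mainly the IdP is responsible for the name of the =org-id=" has nothing backing it in this section, so either keep a one-line pointer to where the schema is defined or name the fields the org sync relies on. Minor: "So organization created" should be "So organizations created", and the subject "tracker.org" does not describe the change.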