journal/2021-04-16--12-27-13Z--iroh_auth_presentation.org
This commit is contained in:
parent
fcae7e41e9
commit
abb248e25c
1 changed files with 36 additions and 0 deletions
|
@ -391,6 +391,42 @@ secrets:
|
|||
|
||||
* Clients
|
||||
|
||||
Client mandatory fields:
|
||||
|
||||
- =id= the unique id of the client accross all Threat Response,
|
||||
- =name= a name for the client that will be user facing,
|
||||
- =client-type= can be either =confidential= or =public=,
|
||||
- =grants= a list that could contain =auth-code= or =client-creds=,
|
||||
- =redirects= a set of URIs,
|
||||
- =scopes= a set of scopes,
|
||||
- =enabled?= a boolean, this field is editable by admin users,
|
||||
- =approved?= a boolean, editable only by Threat Response admins.
|
||||
|
||||
Client optional fields:
|
||||
|
||||
- =description=, a long description of the client that could be presented to the
|
||||
users during client authorization,
|
||||
- =owner-id=, the user id of the client's owner,
|
||||
- =org-id=, the org id of the client's owner,
|
||||
- =enabled-by=, the user id of the admin that enabled the client,
|
||||
- =disabled-by=, the user id of the admin that disabled the client,
|
||||
- =password=, also known as the "client's secret", public clients don't
|
||||
have a password,
|
||||
- =access-token-lifetime-in-sec=, access token lifetime this client provides,
|
||||
- =refresh-token-lifetime-in-sec=, refresh token lifetime this client provides,
|
||||
- =availability=, can be =user=, =org= or =everyone=. This filters the user that
|
||||
can grant access to this client:
|
||||
+ =user= only the owner
|
||||
+ =org= only org's members
|
||||
+ =everyone= any Threat Response user
|
||||
- =approval-status=, possible values are =waiting= =rejected= =approved=. During
|
||||
client creation some criteria will need an Threat Response Admin's approval,
|
||||
- =approver-id=, the user id of the user (a Threat Response admin) that approved the client
|
||||
- =approval-message=, a message left for the user.
|
||||
- =client-preset-id=, a Client Preset ID. Client Presets are explained in [[#client-presets]].
|
||||
|
||||
|
||||
|
||||
* 4 - Specifc Cisco Usage
|
||||
|
||||
- Orbital
|
||||
|
|
Loading…
Reference in a new issue