:PROPERTIES:
:ID: 83380ee8-f90a-41e0-955f-473b81a043d0
:END:
#+title: Cisco Staging Environment Presentation
#+Author: Yann Esposito
#+Date: [2023-10-18]

- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
- related :: [[id:c33df84f-9b64-47a8-b716-fcadc0ec4f8c][Cisco Staging Environment Doc]]

* Short History

1. Environment deployment was always a 3rd class citizen.
2. Node administration was always a 2nd class citizen; we had to build that
   ourselves in the middle of feature work.
3. 1st class citizen: "Integration" (make a Platform)
   1. Login
      + Use external IdP for user management (first without internal user DB)
        - supported SAML (deprecated now)
        - supports OpenID Connect (as client)
   2. Share tokens
      + OAuth2 Client Credentials Grant. (One client per user)
      + OAuth2 Authorization Code Grant. (One client per integration and
        multiple users, needs a dedicated URL)
      + OAuth2 Device Grant. (One client per integration and multiple users,
        no dedicated URL)
   3. Share Identity
      + OpenID Connect Provider
   4. Use external APIs
      + Modules:
        + module-record (backend used)
        + module-type (one per integration: one for VirusTotal, CrowdStrike, etc.)
        + module-instance (one per org)

* Demo

~config.edn~