deft/notes/cisco_org_level_entities.org
2022-05-02 17:21:47 +02:00

Cisco: Org Level OAuth2 Clients

tags: cisco
source:

Org Level Clients

Goal of the epic:

The goal of this Epic is to handle the case where the creator of a client leaves the company. We still wish to keep the client working.

In the current schema of a client in IROH the field owner-id is optional.

So here are a few things to consider:

  1. The client secret is known only to its owner at the time it is delivered, and the same secret must then be used by the client code. So other people working with the client's owner should probably be able to get that secret. But when the owner leaves the company, their knowledge of the secret might be a security concern. So ideally, the client secret should be updated on both ends (inside IROH and in the client program). Actionable: add a change-client-secret endpoint.
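A sketch of the logic such a change-client-secret endpoint could apply, added here as an example and not taken from IROH's code. The `Client` and `Actor` shapes, the `is_org_admin` flag and the rule that an admin of the same org may rotate the secret are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Client:                      # hypothetical shape, not IROH's schema
    client_id: str
    org_id: str
    owner_id: Optional[str]        # optional, as the note says of owner-id
    secret_hash: bytes             # only a hash is stored server-side


@dataclass
class Actor:                       # hypothetical caller identity
    user_id: str
    org_id: str
    is_org_admin: bool = False     # assumed role flag


def _hash(secret: str) -> bytes:
    # The secret is 32 random bytes, so a plain SHA-256 is sufficient here.
    return hashlib.sha256(secret.encode()).digest()


def new_client(client_id: str, org_id: str,
               owner_id: Optional[str] = None) -> Tuple[Client, str]:
    secret = secrets.token_urlsafe(32)
    return Client(client_id, org_id, owner_id, _hash(secret)), secret


def verify_secret(client: Client, presented: str) -> bool:
    # Constant-time comparison of the stored and presented hashes.
    return hmac.compare_digest(client.secret_hash, _hash(presented))


def rotate_client_secret(client: Client, actor: Actor) -> str:
    """Replace the secret; the new value is returned exactly once."""
    same_org = actor.org_id == client.org_id
    is_owner = client.owner_id is not None and actor.user_id == client.owner_id
    # Assumption: an org admin may rotate, so a client whose owner has
    # left (or that has no owner-id at all) can still be re-keyed.
    if not (same_org and (is_owner or actor.is_org_admin)):
        raise PermissionError("not allowed to rotate this client's secret")
    new_secret = secrets.token_urlsafe(32)
    client.secret_hash = _hash(new_secret)   # old secret stops verifying now
    return new_secret
```

The old secret is invalidated as soon as the hash is replaced, so the client program must be redeployed with the returned value as part of the same change.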