Dear Meruja,

The URI of the second API (i.e. /me/roles/{roleName}) is really debatable:
the intent of the */me* part of the URI seems to be to identify the
logged-in user, and to me, such a user is a resource. I.e., I assume that a
user is represented in APIM as a resource (but I didn't check the current
API), or has a unique UserID - correct?

Thus, the URI of the API should be something like
.../users/{UserID}?{roleName}  or  /roles/{roleName}?{UserID}.

Best regards,
Frank




On Tue, 5 May 2020 at 06:17, Meruja Selvamanikkam <mer...@wso2.com> wrote:

> Hi All,
>
> We are planning to add a REST API endpoint to APIM 3.2.0 Admin REST APIs
> and the intention is to check the existence of a particular role name
> (Internal/subscriber) when transferring ownership of an application to a
> user. We have a similar API in the publisher to check the availability of
> the role[1].
> We have to decide the OAuth2 scope which functionalities are used by Admin.
>
> The swagger definition for the new endpoint would be as follows:
>
> ######################################################
> # The Role Name Existence
> ######################################################
>   /roles/{roleName}:
> #-----------------------------------------------------
> # The role name existence check resource
> #-----------------------------------------------------
>     head:
>       security:
>         - OAuth2Security:
>             - apim:<To_be_added>
>       summary:
>         Check given role name already exists
>       description:
>         Using this operation, to check whether given role already exists
>       parameters:
>         - $ref : '#/parameters/roleName'
>       responses:
>         200:
>           description:
>             OK.
>             Requested role name is returned.
>         404:
>           description:
>             Not Found.
>             Requested role name does not exist.
>
> ######################################################
> # The Role Name Existence for the logged-in user
> ######################################################
>   /me/roles/{roleName}:
> #-----------------------------------------------------
> # Validate role against a user
> #-----------------------------------------------------
>     head:
>       security:
>         - OAuth2Security:
>             - apim:<To_be_added>
>       summary:
>         Validate whether the logged-in user has the given role
>       description:
>         Using this operation, logged-in user can check whether he has given role.
>       parameters:
>         - $ref : '#/parameters/roleName'
>       responses:
>         200:
>           description:
>             OK.
>             Logged-in user has the role.
>         404:
>           description:
>             Not Found.
>             Logged-in user does not have the role.
>
> Appreciate any feedback on this and correct me if I am wrong.
>
> [1] - [APIM-3.0] Publisher rest API to check a role name existence
>
> Thanks & Regards,
> *S.Meruja* |Software Engineer | WSO2 Inc.
> (m) +94779650506 | Email: mer...@wso2.com
> Linkedin:   https://www.linkedin.com/in/meruja
> Medium: https://medium.com/@meruja
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
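
The two HEAD operations from the quoted swagger definition, sketched as an added example (it is not part of either e-mail and not WSO2 code). The scope name, role store, token layout and the percent-encoding of role names in the path are assumptions made for the sketch.

```python
# Added example: status-code logic for HEAD /roles/{roleName} and
# HEAD /me/roles/{roleName}. All names and data below are hypothetical.
from urllib.parse import unquote

REQUIRED_SCOPE = "apim:example_role_check"  # placeholder for apim:<To_be_added>
ROLES = {"Internal/subscriber", "Internal/publisher", "admin"}      # constructed
USER_ROLES = {"alice": {"Internal/subscriber"}, "bob": {"admin"}}   # constructed


def head_role(path, token):
    """Return the HTTP status for a HEAD request (HEAD responses carry no body).

    `token` stands for an already validated OAuth2 access token, modelled as
    a dict with "sub" and "scopes"; None means no token was presented.
    """
    if token is None:
        return 401  # unauthenticated
    if REQUIRED_SCOPE not in token.get("scopes", ()):
        return 403  # authenticated, but the required scope is missing
    parts = path.strip("/").split("/")
    # A role name such as Internal/subscriber contains "/", so this sketch
    # assumes the client sends it percent-encoded (%2F) as one path segment.
    if len(parts) == 2 and parts[0] == "roles":
        return 200 if unquote(parts[1]) in ROLES else 404
    if len(parts) == 3 and parts[:2] == ["me", "roles"]:
        # "/me" resolves to the token subject; no user id is read from the
        # request, so a caller can only ask about its own roles.
        held = USER_ROLES.get(token["sub"], set())
        return 200 if unquote(parts[2]) in held else 404
    return 404  # unknown resource, including an unencoded role name


if __name__ == "__main__":
    alice = {"sub": "alice", "scopes": [REQUIRED_SCOPE]}  # constructed token
    for p in ("/roles/Internal%2Fsubscriber", "/me/roles/admin",
              "/roles/Internal/subscriber"):
        print(p, head_role(p, alice))
```

With a URI that names the user explicitly, such as the /users/{UserID} form suggested in the reply, the handler would additionally have to check that the token subject is allowed to query that UserID.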