On Fri, Dec 11, 2015 at 10:17 PM, Supun Nakandala <supun.nakand...@gmail.com > wrote:
> Hi devs, > > Currently in the Airavata API we use the gatewayId only for some API > methods like createExperiment, registerApplication etc.. I would like to > suggest that we move this field to SecurityToken and make it mandatory for > all API methods. For API methods which requires the gatewayId we can read > it from there. > So, currently how does other methods figure out on which gateway id the operation should be performed ? -Thejaka > > By making gatewayId a mandatory field in SecurityToken, in the API it is > easy to implement access control to the API in a multi tenanted scenario. > > Any Concerns? > > Thanks > Supun >