...
The user presents their credentials for authentication
If the credentials are valid
1.The user is given access to the catalog
2.As defined by their role(s)
3.As defined by their access rights
4.As defined by the access type: CRUD, discover
5. As defined by the pre-defined filter
For example if they issue a get on a catalog that a party has no access they get an error response
Or if they try to modify an area of the catalog but do not have Write Access they get an error response
Normally we anticipate that the OAUTH2 or Open ID Connect are used as the authorization APIs and that ACL are establisher between authorized parties with regards to the content of the Catalog (i.e GET but also enable of update operations on specific entities).
Anchor | ||||
---|---|---|---|---|
|
Anchor | ||||
---|---|---|---|---|
|
Anchor | ||||
---|---|---|---|---|
|
Anchor | ||||
---|---|---|---|---|
|
Anchor | ||||
---|---|---|---|---|
|
Release Number | Date | Release led by: | Description |
Release 1.0 | 04/15/2013 | Pierre Gauthier | First Release of Draft Version of the Document. |
Release 1.1 |
|
| Updated for use in the Paris Spec Jam – and rebranded. |
© TM Forum 2015. All Rights Reserved.