Basic Description

As a user, I need to be authenticated against different microservices apps provided by the Rokwire platform so as to use these services in a meaningful manner.

Detailed Description

For SAVVI, tasks under this epic could include, understanding OpenID Connect (OIDC), developing a proof of concept for integrating OIDC with a mobile app, documenting and testing the POC and sharing documentation for use by the SAVVI project. This assumes that the SAVVI development team will use this POC as they start adding authentication to the mobile app.

For the long term, we can leverage CILogon as it already supports different authentication providers including the University, Google, etc. Tasks under this epic could also include requirements gathering and analysis.

Acceptance Criteria (SAVVI)

Authentication core service source code is available in a repository with supporting documents like README, CHANGELOG, LICENSE, Contributors License Agreement, etc. and the service is running in production for the Savvi project according to their product requirements and built in an extensible manner for future project development.

• Start with using Google OpenID Connect
• Switch to Shibboleth OpenID Connect when it is available

Acceptance Criteria (Rokwire)

Authentication core service source code is available in a repository supporting documents like README, CHANGELOG, LICENSE, Contributors License Agreement, etc. and the service is in running in production in a scalable manner according to Rokwire product requirements.

• Use CILogon as a long term solution for integrating multiple authentication providers