Goals/Scope
We need a way for an Administrator to create a special type of User which:
- is for a system such as ColdTrace to use our API
- doesn’t have a password (uses system generated web token)
- ability to request new token
- has basic permissions which are essentially Administrator type privileges to things like: Admin CCE, Admin Requisition etc.
We want to leverage our existing RBAC as much as possible for this. The screens however will have some significant differences from our current person-oriented screens.
Background
Assumptions
User Stories
# | Title | User Story | Label | Importance | Notes |
---|---|---|---|---|---|
1 | |||||
2 |
Diagrams
Dependencies
Description | Link |
---|---|
Open Questions
Below is a list of questions to be addressed as a result of this requirements document:
# | Question | Outcome | Status |
---|---|---|---|
1 | Should this process support the admin setting up a username for any new system that requests access? | ||
2 | What types of permissions will be included in this service account? Are there multiple types or levels of service accounts that we need? Do we need new permissions? | ||
3 | Is there a logging or auditing process that we will use to track requests from this service account? |