Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Management API: add optional "scopes" parameter #4322

Closed
paullatzelsperger opened this issue Jul 3, 2024 · 0 comments · Fixed by #4325 or #4348
Closed

Management API: add optional "scopes" parameter #4322

paullatzelsperger opened this issue Jul 3, 2024 · 0 comments · Fixed by #4325 or #4348
Assignees
@paullatzelsperger
Labels
api Feature related to the (REST) api dcp enhancement New feature or request triage all new issues awaiting classification

Comments

@paullatzelsperger
Copy link
Member

Feature Request

The /catalog endpoint of the Management API should take an optional parameter with which clients can inject additional DCP scope values.

This could either be a named field in the JSON structure, or an entry in extensible map, similar to various properties fields we have.

Which Areas Would Be Affected?

Catalog API

Why Is the Feature Desired?

In typical DCP interactions, the consumer derives from the current request (e.g. policies, or existing agreements) which scopes need to be put in the access token. This does not work for a Catalog request, because there is no request context.

Further, in many dataspaces there are "default scopes", i.e. scopes that must be present on every DSP interaction, but these are static - they can't be changed at runtime.

In some cases, it is necessary to add scopes to the default scopes. For example, a consumer may know that a provider has certain assets available, but they have an access policy constraing on them, which makes them "invisible" unless a certain credential is presented.

Solution Proposal

  • write a decision-record
  • add a new optional parameter to the CatalogRequest plus its transformers
  • in IdentityHub, treat PresentationQueryMessage#scope as nullable
@paullatzelsperger paullatzelsperger added api Feature related to the (REST) api dcp enhancement New feature or request labels Jul 3, 2024
@paullatzelsperger paullatzelsperger self-assigned this Jul 3, 2024
@github-actions github-actions bot added the triage all new issues awaiting classification label Jul 3, 2024
@paullatzelsperger paullatzelsperger removed the triage all new issues awaiting classification label Jul 3, 2024
This was referenced Jul 3, 2024
Merged
Merged
Merged
@ndr-brt ndr-brt mentioned this issue Jul 4, 2024
Closed
@github-actions github-actions bot added the triage all new issues awaiting classification label Jul 8, 2024
This was referenced Jul 9, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@paullatzelsperger paullatzelsperger

Labels
api Feature related to the (REST) api dcp enhancement New feature or request triage all new issues awaiting classification
Projects
None yet
Milestone
No milestone
1 participant
@paullatzelsperger