Versions Compared

Old Version 13

changes.mady.by.user Marina Adomeit

Saved on

compared with

New Version 14

changes.mady.by.user Marina Adomeit

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Done in completely automatic fashion. 
  • SP needs to be listed in one of the metadata that SA is consuming, at the moment: eduGAIN, OpenAthens, SWAMID, InCommon
  • Technical and Administrative contact from the SP metadata are taken as contacts that SA is recognising
  • Advanced (and potentially Standard) implementors will need to register the API keys in order to call the persistence service API 
  • For API key registration domain ownership needs to be proved by inserting a defined record in their DNS? 
  • Once an API key is registered, there needs to be a process for renewal. It can be an automatic job, and the old key is left functioning if there is a job error. 
  • During the registration process, SPs need to accept the terms of use: 
    • Advanced - registration flow in the website, part of click-through, policed through API key registration process 
    • Standard - registration flow in the website, part of click-through, policed through API key registration process if mandatory for standard
    • Limited - registration flow in the website, part of click-through, no way to police

Which entity categories we need:  

  1. ToS - assert accept from from incoming feeds and also assert ourselfes as part of pixiedusting - think also about accepting it from 

2. Authorisation for using the advanced (they need to read and write to)


Option 3 (start process) -Registration of the SP and acceptance of ToS

...

  • SP owner sends email from the admin or technical contact published in its metadata. Email needs to state: 
    • The integration SP wishes to use: Limited/Standard/Advanced
    • entityID of the SP they wish to register
    • Acceptance of the ToS
    • (Whether SP opts-in to be published in SA website as using the SA) - we can just require this but needs to be added to ToS-we also want to publish this to metadata
    • Whether SP wishes to be added to the SA communication channels - Slack SA general channel, the users mailing list, SA status notification... 
  • ??? some form for populating airtable - populate table from some kind of web form ..and how to extract informaitoninformation. ..also if there are any risks with using airtable without payed licence
  • Which email and who is looking to that and on which schedule ? What is the response time we want to establish for this? For the sake of this process, lets call this the job of the Level 1 support.
  • L1 support records the registration, that includes: 
    • Record the request in Airtable or something alike
    • L1 support checks if the SP is published in any of the metadata that SA consumes 
    • If the requested integration is advanced, then the request is forwarded to the SA xx team. Wait until the SA xx team has approved the integration and then continue...Update the Airtable
      • SA xx team validates that advanced integration is approved: proof that they are following ToS, UX validation  
    • Record the integration in the website, if opted in (can we use airtable automatically for this?)
    • Add them to the communication channels if opted-in

...