/
2019-03-26 Meeting

2019-03-26 Meeting

Owned by Eric Jansson
Apr 01, 2019

Notes

Further research on the question of if security entities should be added to the data model was decided in favor of keeping this data out of that model. Several reasons were cited:

  • The Ed-Fi model is not designed to be an authorization store, so adding this data would change its purpose
  • In the current school year, it is unclear that SIS systems could contribute this data
  • It is unclear for the long term what the use cases actually look like, so designing a new authorization strategy seems premature

Much discussion was on the question of what to store. In general, it was proposed that this be a transferable token tied to an API client. Key points of that discussion:

  • Namespaces won't work, as they are not transferable
  • The token should probably be shorter - maybe 10 characters - so that operations to support clients with that token are simpler. This was described at one point as "human readable" 
  • probably should be a n:1 relationship between API clients and tokens, so that a token can be shared by multiple API clients


Related content

2019-03-13 Meeting
2019-03-13 Meeting
Ed-Fi Special Interest Groups
More like this
Ed-Fi Student Information Systems API for Data Standard v4 Certification
Ed-Fi Student Information Systems API for Data Standard v4 Certification
Ed-Fi Certification
More like this
Security Configuration Data Stores
Security Configuration Data Stores
Ed-Fi ODS / API for Suite 3 v7.1
More like this
What's New - API Guidelines
What's New - API Guidelines
Ed-Fi Data Standard v2.0
More like this
Ed-Fi Student Information Systems API for Suite 3 Certification
Ed-Fi Student Information Systems API for Suite 3 Certification
Ed-Fi Certification
More like this
II. Understanding Ed-Fi APIs - Student Equity-VDG
II. Understanding Ed-Fi APIs - Student Equity-VDG
Solution Guides
More like this