Attendees: Philipp, Hansjörg, Hans
- Please add more use cases -> Google Doc
Tenant/User (T/U) in general
- Investigated references and concepts already discussed or developed within OIH; found a few references
- IAM service organizes users as members of distinct tenants
First conclusions
- T/U is rarely referenced or specified in a generic way
- IAM implements simple T/U to authorize account management
- -> Design a T/U data model to align existing concepts
Rights & Permissions
Discussed the following scenarios
- Service A has access management
- Service B has no access control; all data is public
- Sensitive data will be transferred from A to B and is henceforth public
- Organization provides a pipeline to transfer data from Service A to Service B
- Members with access to the flow will transfer data without holding individual rights
Consequential issues
- Do we have to find intersections between different access rights and derive suitable permissions? Optional or mandatory?
- Could we store tokens for different users, flows, tenants - delegate access management to every service involved?
- Further discussion on topics