Agenda

Presenter

Duration

Discussion

Authentication and Cross-BB Authorization

Steve Conrad

PSRAMKUMAR

40 minutes

Walk through key questions and requirements in this document: Authentication and Cross-BB Authorization

Where should this be documented? Security spec or separate BB spec?

If an existing DPG needs authentication, we should provide a mechanism to login using a set of pre-defined credentials for that DPG - and receive the JWT/token that is needed for API access to this DPG. This can be stored in the adaptor.

PubSub/Rooms

Aleksander Reitsakas

15 minutes

How should we define Rooms – are they oriented around Event Types or more broadly?

Next steps/AOB

Steve Conrad

5 minutes

What should we prioritize?

• GERA document/review - articulate core concerns

• Workflows/Core Capabilities

• Testing with Information Mediator

• Revisit Security Specifications

• Mapping out BB interactions/domain diagrams

  • Aleksander has some resources/starting point

    • Overall structure of GovStack solution

  • Sandbox team has happy flow document that we can walk through

    • Minimum Viable Product (MVP) eg. Happy Flow