[Koha-devel] OAuth2 - client credentials fr 18.05

[Marcel de Rooy]

+1

Van: koha-devel-bounces at lists.koha-community.org <koha-devel-bounces at lists.koha-community.org> Namens Tomas Cohen Arazi
Verzonden: woensdag 18 april 2018 20:46
Aan: koha-devel <koha-devel at lists.koha-community.org>
Onderwerp: [Koha-devel] OAuth2 - client credentials fr 18.05

Hi, during the 18.05 release cycle a lot of progress has been made towards the goal of having a REST api.

We voted the written and discussed RFC for the endpoints there was need to have [1]
Some of them are already in master for 18.05, others are WIP. But the fact we have some roadmap of things we agreed on is a great milestone. Congrats!

The missing piece for this (besides making the REST api grow faster) is having a standard way to authenticate external systems so they can interact with Koha in a healthy way. Take Coral as an example: it needs to be able to add biblios, add purchase orders, etc. Or custom user management systems to inject patrons or update their statuses, etc.

We chose to implement the OAuth2 client credentials grant, which is a standard for this kind of use cases. Great work Julian! [2].

The patches have gone through the QA process, and we are almost done. We still have 2 days before the feature freeze to adjust things. So if you have an opinion (positive, negative but constructive, etc), please comment here or better in the related bugs. It is now, or after the release!

Thanks!

[1] https://wiki.koha-community.org/wiki/REST_api_RFCs
[2] https://bugs.koha-community.org/bugzilla3/showdependencygraph.cgi?id=20612

--
Tomás Cohen Arazi
Theke Solutions (https://theke.io<http://theke.io/>)
✆ +54 9351 3513384
GPG: B2F3C15F
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20180419/baa21149/attachment.html>