Open APIs

 View Only

  • 1.  this operation is available only to ADMIN API users

    Posted Aug 15, 2018 22:53
    Hello,

    Just seeking explicit clarification on what is meant in the Open API documentation when (e.g. TMF638 POST/PATCH) an "operation is available only to ADMIN API users"

    Who or what is or plays the role of an "ADMIN" API user? I assume the call out is this is trying to protect the integrity of (e.g. the service inventory) data?

    Would it be true to expect that for example a component that is listening for a 640 servicecreationnotification  would have "Admin User" privilege so that it could align the Service Inventory record with the actual Service state?


    Thank you

    ------------------------------
    Stuart Batten
    Telstra Corporation
    ------------------------------


  • 2.  RE: this operation is available only to ADMIN API users

    Posted Aug 17, 2018 11:09
    Hi Stuart
    The Open API specifications have taken a very coarse-grained approach to authorization, so that operations (the REST verbs) are classified as whether they can be executed by anyone or only by an Admin role.
    My opinion is that this is illustrative and not normative - in any real implementation of the APIs permissions will be assigned according to real business roles according to business needs.
    However this is my opinion only, which needs to be validated with the Open API leaders (mentioning them here explicitly so that they will get a notification): @Andreas Polz, @Stephen Harrop, @PIERRE GAULTIER.
    Hope this helps​​​

    ------------------------------
    Jonathan Goldberg
    Amdocs Management Limited
    ------------------------------



Related Content