I am working on a POC to create flow diagram to secure protected data for external user. We are planning to work on market place where external user will login via external application and paired with a group they belong to. Once pairing is completed between external user and group then as a next step external user can call an api to see all the information associated with the paired group. We needs to impose an security that external user is calling api using same external application once pairing happen. External user can be associated with multiple external application and raise pairing request with same group using market place.
- There are application to application interaction.
- External user login on market place through external system. It’s a user interface where all the user can login if they have credential.
- After successfully login user can see list of group associated with logged in user.
- User can select group using market place ui and raise a pairing request.
- Once pairing is done then user is authorized to call group api to see detail of that group.
- All the external user will call these api using a external application.
- As a security we need to validate external user is calling group api using same external system once they raised pairing request on market place.
Aucun commentaire:
Enregistrer un commentaire