body{font-family:Lucida Sans,Arial;font-size:14px}
That seems like a worthy discussion, and one that we can probably do (at least part-way) with or without developer input.

Shall we meet tomorrow to start hashing out a vision for authentication and authorization systems and how they integrate with FOLIO?

(Cornell is closed, and I’m snowed in, but thanks to the magic of the Internet, that doesn’t matter for this.)

--
Christopher Manly
Coordinator, Library Systems
CUL-IT
cam2@cornell.edu
607-255-3344

On March 13, 2017 at 12:19:00 PM, Peter Murray (peter@indexdata.com) wrote:

Hey Chris (and everyone else),

I think the next step for us is to start working on use cases and user stories for how we want authentication and authorization to work.  These are some of the questions that come to mind:

* Do we want to use Shibboleth for staff login authentication?  Authorization?
* Do we want to use Shibboleth for patron login authentication?  (Presumably yes, but just checking...)
* Do we want to use OAUTH2 for staff?  For patrons?
* What is the role for Grouper in determining authorization for Okapi endpoints?


Peter

On Mar 13, 2017, 10:16 AM -0400, Chris Manly <cam2@cornell.edu>, wrote:
I think we would definitely want to coordinate E-resource access discussions with the RM SIG and with the developers.

I’m not sensing a great clamor for a discussion this week in absence of a need for our input from Indexdata.  My inclination would be to cancel this week’s call, reclaim the time for other purposes, and regroup when we have a clear topic (or questions from the developers).

Any objections?
To unsubscribe from this list please go to http://www.simplelists.com/confirm.php?u=e62cbqyh0AFUojLsgt2Sswxs0HO9wQ6J