Filter credentials by user ID¶
Enable control of credentials for users via the Identity policy file
Credentials can be created for users and stored in the Identity service, tagged
with the appropriate
user_id. The Identity service policy engine will
already allow a user to have control over their own credentials, for update,
get and delete operations. However, in order to get a credential you must know
its ID, and the only way to get an ID is to list those credentials tagged with
user_id. The only way to control such listing via policy is via
using the policy control of filters - but the list credentials API does not
support a filter on
Add a filter of
user_id to the list credentials API.
Data Model Impact¶
REST API Impact¶
The exact API specification will be defined as part of a review of an changes to the Identity API, but will simply consist of adding a standard filter options of user_id.
Other End User Impact¶
Other Deployer Impact¶
- Primary assignee:
- Additional assignee:
Update API specifications
Implement the filter in controller code
Update to the Identity API to list the new filter attribute.