Summary

• Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

...	...	@@ -44,8 +44,6 @@
44	44	* **openid: **This scope is required because we use the OIDC protocol. It will give your app access to the user's basic information such as username, email and full name.
45	45	* **group **(optional)**: **If you request this scope, the future access token generated will authorize your app to identify which units and groups the user belongs to.
46	46	* **team **(optional)**: **This scope is like the group scope lets your app identify the permissions of the user, but by identifying what collabs the user has access to and with what roles.
47		-* **clb.wiki.read **(optional): access to GET Collab API
48		-* **clb.wiki.write** (optional): access to POST Collab API
49	49
50	50	{{info}}
51	51	The group and team scopes are a simple way for your app to grant permissions to its services and resources when you want to grant access to a very few units, groups, or collab teams. For more complex permission management, contact support.
...	...	@@ -69,7 +69,7 @@
69	69
70	70	==== Request ====
71	71
72		-/POST: [[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token]]
	70	+/POST: [[https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token>>url:https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token]]
73	73
74	74	with the following parameters:
75	75
...	...	@@ -111,7 +111,7 @@
111	111
112	112	==== Request ====
113	113
114		-/GET: [[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo]]
	112	+/GET: [[https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo>>url:https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo]]
115	115
116	116	with the following parameters:
117	117
...	...	@@ -123,7 +123,7 @@
123	123
124	124	==== Response ====
125	125
126		-As response your app receives a JSON with all the information about the logged user
	124	+As response your app receives a JSON with all the information on the logged user
127	127
128	128	(% class="box" %)
129	129	(((
...	...	@@ -146,7 +146,7 @@
146	146	],
147	147	"group": [
148	148	"**group**-collaboratory-developers",
149		- "**unit**-all-projects-hbp-consortium-sga2-sp05-**administrator**"
	147	+ "**unit**-all-projects-hbp-consortium-sga2-sp05-administrator"
150	150	]
151	151	},
152	152	"mitreid-sub": "30...62"
...	...	@@ -153,10 +153,12 @@
153	153	}
154	154	)))
155	155
156		-The unit field above lists Collaboratory Units which the user is a member of, with the unit name using slashes instead of the colons you see in the Collaboratory UI.
	154	+The group field above lists Collaboratory Groups in the form "group-//groupname//" and Collaboratory Units in the form "unit-//unitname//" with the unitname using dashes instead of the colons you see in the Collaboratory UI.
157	157
158		-jupyterhub and xwiki are OIDC clients with more advanced permission management.
	156	+The team field above lists Collaboratory Teams in the form "collab-//collabname//-//role//" where //role //is one of admin, editor, or viewer according to the user's role in collab //collabname//.
159	159
160		-The team field above lists Collaboratory Teams which the user is a member of, in the form "collab-//collabname//-//role//" where //role //is one of admin, editor, or viewer according to the user's role in collab //collabname//.
	158	+jupyterhub and xwiki are OIDC clients.
161	161
162		-The group field above lists Collaboratory Groups which the user is a member of, in the form "group-//groupname//". It also lists Collaboratory Units which the user is an admin of, in the form "unit-//unitname//-administrator" with //unitname //using dashes instead of the colons you see in the Collaboratory UI.
	160	+The unit field above lists [useless noise?].
	161	+
	162	+