Uploaded image for project: 'mod-codex-ekb'
  1. mod-codex-ekb
  2. MODCXEKB-104

Securing APIs by default

    XMLWordPrintable

    Details

    • Template:
    • Sprint:
      eHoldings Sprint 89
    • Story Points:
      1
    • Development Team:
      Spitfire

      Description

      Per OKAPI-767, all public APIs should be protected by default. That means field permissionsRequired is required when defining non-system APIs in the handlers section of module descriptor. If there is a strong technical reason that an API cannot be protected, for example, /authn/login, use "permissionsRequired" : [ ] to make it explicit. Note it is OK to use "permissionsRequired": [ ] for two APIs //ramls and //jsonSchemas provided by RMB.

      Please fix following APIs in this module

              "/_/jsonSchemas",
              "/_/ramls"
      

        TestRail: Results

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                psmagin Pavlo Smahin
                Reporter:
                hji Hongwei Ji
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    TestRail: Runs

                      TestRail: Cases