GDM Authentication

Objective

	Goal	Metric	Target Date

	Goal	Metric	Target Date
1	Installation Extractor => 8080:80 Keycloak => 8090:8080 Configuration provide shiboleth file to team provide theme	Install development instance of Keycloak service Configure service with clients, users and roles Connect service to Cornell authentication system	Jun 19, 2020
2	Integration Extractor Loader Contacts table modification Authentication	Install Tomcat libraries Install Angular libraries Remove current authentication module from GDM Implement new authentication to point to keycloak Implement BrAPI oAuth authentication Modify GDM contact creation endpoint to also create user information in keycloak	Jul 15, 2020
3	Deployment	Integration installation of keyloak into CD pipeline Develop scripts for post deployment configuration	Jul 31, 2020
4	Reviews	Review Pedver UI and recommend how integration to keycloak can be done Review Timescope UI and recommend how integration to keycloak can be done

Role	Description	Authorization	Access

Role	Description	Authorization	Access
PI	Principal Investigator - owner of projects	Own a project	Specific crop(s)
User (Default role)	General user	Cannot own a project Access to Extract and Pedver UIs No access to Loader UI access to APIs for pulling information	Specific crop(s)
Curator	Data curator, responsible for creating and uploading data to GDM	Cannot own a project Access to Extract and Pedver UIs Access to Loader UI Access to APIs for pulling information Access to APIs for creating information Access to APIs for uploading information	Specific crop(s)
Admin	system administrator	Same as Curator Access to Timescope	All crops