Skip to content

Possiblity to secure the callbackendpoint used for jobRegistration in IRS #740

New issue
New issue
Open
Open
Possiblity to secure the callbackendpoint used for jobRegistration in IRS#740
Labels
enhancementNew feature or request
@ds-mwesener

Description

@ds-mwesener
ds-mwesener
opened on Jun 28, 2024

As a developer,
I want to secure the /irs/job/callback endpoint,
so that the IRS system can validate that the requests to this endpoint are authenticated and acceptable.

Hints / Details

  • Currently, in IRS, there is no mechanism for authentication for the /irs/job/callback endpoint.
  • It would be beneficial to work with a key within the jobRegistration.
  • This key could be transferred to the /irs/job/callback address and validated to ensure that the request is acceptable.

Acceptance Criteria

  • A key mechanism is implemented within the jobRegistration.
  • The key is transferred securely to the /irs/job/callback endpoint.
  • The /irs/job/callback endpoint validates the key to ensure that the request is acceptable.
  • Only authenticated requests are processed by the /irs/job/callback endpoint.

Out of Scope

  • Changes to other endpoints not related to /irs/job/callback.
  • Implementation of additional authentication mechanisms outside the key-based validation.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    IRS

    Status

    inbox

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions