I believe that is the tertiary association between user, role, and domain. Liem From: Wojciech Dec <wdec.ietf@...<mailto:wdec.ietf@...>> Date: Wednesday, October 15, 2014 at 1:26 PM To:

Wojciech, Good question. Looking at the code I think you are seeing the internal Grant resource but it’s not directly surfaced through the REST model? Which raises a few questions. As Liem

Hi Guys, ok, so I wanted to take a spin and do some operations using Idmlight. I followed the Readme and also the Release note at: https://wiki.opendaylight.org/view/AAA:Helium_Release_Notes. Still

Hi All, I have another meeting that I've been called into... Wanted to to attend today's call to discuss the Lithium plan, for which I put down a few items - basic question though above all: By when

Hi Wojciech, IdMLight Admin and federation endpoints are not exposed by default (for security reasons). The AAArelease notes mention how to expose them (I was hoping to get that into the

Just want to add some clarification… We want to expose the admin and federation endpoints on different ports than the rest of the controller REST API (e.g., RestConf). So, for the example in the

Hi Wojciech, No worries… The tentative Lithium release plan is here: https://wiki.opendaylight.org/view/Simultaneous_Release:Lithium_Release_Plan Looks like we will need to declare our

Hi Liem, yes, but as I mentioned I did follow the release notes and added the jetty config... Note that the curl shows that 8282 is active, but nothing is found. Is there some order/extra steps needed

Hi Peter, Liem, ok, so I think I can see what it is, but it's not clear what value it provides is its current form, ie: curl -X POST -s -H "Content-type:application/json" -d {

Ahh… The URL needs an “auth” in the path: curl -si http://localhost:8282/auth/v1/domains HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Server:

I will let Peter answer the grantId question, but for user group, that is something we wanted to support for Helium but decided to descope it due to lack of resources… Personally, I would like to

Ok, that solved it. Thanks. My bad for not looking in the pom, but I think we need to document this as the Idmlight API endpoints we've been showing do not have "auth" in them. -Wojciech.

Cool. The REST API spreadsheet (google doc) does have the “auth” in there… What documentation did you see that does not have the auth? Thanks, Liem From: Wojciech Dec

Hello Liem and friends, We were making use of the UserManager in Hydrogen to list, create, modify, delete users in ODL. Does Helium have a similar RESTful resource? Many thanks, -Andrew

Good to know. In that case, maybe we should look at how AAA does it with their custom DataBroker to see how hard it would be to build an extensible DataBroker that allows for validation to be

Agree for application level validation. For “boilerplate” validation such as Yang must, leaf ref, etc I would like datastore to take care of that, otherwise everybody will need to write their own

I couldn't agree more.

Hi Andrew, Helium does have a set of APIs (IdM) for CRUD¹ing users: https://docs.google.com/spreadsheets/d/1YYMmK_V5LMAjLGZOEjfKSX0x4Gwb-K5Xuk1 wZskwWwY/edit#gid=0 These admin APIs are meant to

It's not in the readme, and easy to miss in the release notes (as I did). -Wojciech

I will add that in… Thanks for spotting it. Liem From: Wojciech Dec <wdec.ietf@...<mailto:wdec.ietf@...>> Date: Friday, October 17, 2014 at 12:07 AM To: Liem Nguyen