Auth Nightmares
(STORY) Adds internal OIDC configuration that nobody documented
What is "Add Inputs to Inst Setup Web For Internal OIDC Settings"?
(STORY) Adds logging to help us confirm it’s still broken
What is "Add AuditLogger.Service Mongo Logs"?
(Story) New client project that will spawn 4 follow-up tasks
What is "gRPC Client Project in Common"?
(TECH) Standard protocol for automating user provisioning and deprovisioning
What is SCIM?
(TECH) Database change that modifies the existing schema without losing data
What is a migration?
(TECH) Standard protocol used to delegate authentication using tokens instead of credentials
What is OpenID Connect (OIDC)?
(TECH) Logging strategy where structured key-value data is stored instead of plain text messages
What is structured logging?
(TECH) Protocol used by gRPC for transport and multiplexing
What is HTTP/2?
(STORY) Adds filtering so we can debug why results are empty
What is "Get Groups with filter"?
(STORY) UI work blocked by one missing backend field
What is "Configurable Institution Setup UI"?
(STORY) Tracks JWT activity that we will only check during incidents
What is "Auditlogs for JWT tokens"?
(Story) Template update nobody will retroactively apply
What is "Update Mongo Service Yeoman Template"?
(STORY) Tests that prove things work locally
What is "gRPC Client Integration Tests"?
(TECH) HTTP method typically used for partial updates to a resource
What is PATCH?
(TECH) A feature flag used to safely roll out functionality
What is a feature toggle?
(TECH) Token type used for identity claims and typically signed, not encrypted
What is a JWT (JSON Web Token)?
(TECH) A log level used for unexpected issues that don’t crash the system but definitely look scary
What is a warning (or error) log level?
(TECH) Language-neutral contract definition used in gRPC
What is Protocol Buffers (protobuf)?
(STORY) Removing users and hoping downstream sync agrees
What is "Patch Group (Remove Users)"?
(STORY) Making usernames unique after years of not needing to
What is "Set CIM username to be unique"?
(STORY) A “small change” that touches every auth flow somehow
What is "Common update for new Internal OIDC settings"?
(Story) Initiative that promises “better observability”
What is "Add Mongo Logging to Services"?
(STORY) Tooling to detect breaking changes right after we commit one
What is "Proto Breaking-Change Detection"?
(Story) Deprovisioning users and discovering they never left
What is "CIM User deprovisioning via SCIM"?
(STORY) Creating a shared repo that becomes everyone’s problem
What is "Set Up New Repo for gRPC Common"?