- Initial assumption is web service based with pluggable authentication
- Which authentication should we support? SSL cert, ws-auth, user/pass in http basic auth, public key signature in http header, other?
- Do we need a messaging design (xmpp)?
- REST? (if REST, then XML, JSON, and/or XHTML)?
- SOAP?
- Simple calls vs Batched calls (e.g. replace all members of a group with the attached list)? (if batched, can you pass a TX type e.g. use a transaction or not)?
- Simple responses or complex responses (e.g. for groups a subject is in, return just the ID (KIM) or return group information(Grouper))?
- How are results communicated back? Result code, description, warnings, errors, success_TF, etc?
- If you add a member to a group who is already a member, is that a success, and is there a result code that represents that? (same with delete)
- Paging and sorting for results?
- Is the client and server version transmitted in the request/response?
- Should operations be idempotent? i.e. if an operation is executed twice, should be a success both times (e.g. add member, create group)
General
Content
Integrations