We're investigating the use of Crowd for identity and access management to our own custom .NET web app. Different users and groups will need access to different features and functionality in this app.
I haven't been able to find documentation on how authorization is managed via Crowd; only authentication. Is it possible to use the Crowd interfaces to manage authorization to specific features for a custom application?
You can, but most of the work needs to be done in your application.
The way I think of it is that Crowd provides a user directory - that does authorisation and some information about the user's account. Most importantly, it tells you what groups they are in. Then your application needs to implement something that checks the groups before letting the user do things...
We have written a .Net Library which wraps most of the functionality exposed by the Crowd REST API which is currently users by an ASP.NET MVC application with 20k plus users from Crowd.
it's currently in a private BitBucket repo but happy to share if you are interested.
Let me know
If you're still interested, I've just published our .NET library to NuGet. Searching for Crowd.NET in the Package Manager or run the following command on in the console: Install-Package Crowd.NET More information is available on NuGet (https://www.nuget.org/packages/Crowd.NET/) and the source code is available on BitBucket ([https://bitbucket.org/ianperrin/crowd.net]). Any contributions to the source are more than welcome (smile)!
For JSM June Challenge #2, share how your non-technical teams like HR, legal, marketing, finance, and beyond started using Jira Service Management! Tell us: Did they ask to start using it or...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events