Authentication and authorization in frontend app

[citizenrich]

Prototype uses DHIS2 auth{n|z}. See use cases for appropriate role-based authorization levels.

[gretchiemoran]

@citizenrich can you point me resources that can help me understand what "DHIS2 auth{n|z}" means?

[citizenrich]

authn = authentication, authz = authorization. Perhaps that was a bit too cryptic of me.

DHIS2 uses basic auth and can call out to Oauth2 providers: https://docs.dhis2.org/2.28/en/developer/html/webapi_authentication.html

This issue should capture what the use case owners require for interoperability within their respective partner's systems for authentication and authorization.

I'm not sure what ministries use for authentication. I expect that the tool would need to support a mix of basic plus oauth2, but again feedback is needed.

For authorization, use case owners should help the developers understand what roles (if role-based authorization) should be used.

[citizenrich]

This was discussed with use case owners. There will be two different entry points depending on deployment, one with DHIS2 auth and one as standalone, with standalone having a way for others to add LDAP, Oauth2 as they need to.

[citizenrich]

Completed. Also, future work is in the GOFR repo: https://github.com/intrahealth/gofr