Meeting minutes 09-07-2021

Hello all,

Today was another productive meeting, highlights include:

  • We continued our formal review of the Security BB spec: Security Building Block Definition.docx - Google Documenten
  • We reviewed the progress of other teams and discussed the need for Payments to support accounting for cash transfers - if they don’t do it, we need to find another group.
  • We went through all existing issues in our tracker to make sure they are being addressed, see Issues · GitHub

Key decisions

  • We will work with the Security group to improve their building block definition. We identified the need for IAM and API Gateway building blocks.
  • For the IAM building block we will look at the OpenIAM OpenAPI specification and derive from that.
  • Architecture will work with Security on a set of generic Auth flows that can be used for any use case including SSO auth flow via API gateway, Mobile-specific auth flow, e.g. use auth APIs, receive JWT token, sort out how to handle logging in with two roles, e.g. nurse and a parent user needs to be able to change roles, work out how is a user is logged in and out, e.g. between SSO applications.
  • Architecture team will continue to test discourse and will cc the email address to surface email conversations on discourse
  • We still need a powerpoint with a quick review of progress across groups
  • Max and Uwe will connect with OpenIMIS on Thursday next week

Overview of workgroup progress
Review progress on Issue Tracker

Next week we can review progress, write more use cases and continue to address remaining issues in Issues · GitHub
We will also address Uwe’s questions about editing/adding categories to the DPC catalog. We’d like a webinar about this.

From the chat:
Uwe Wahser (GIZ)
mostly global goods in health

Uwe Wahser (GIZ)

Meeting minutes (Apologies, no transcription this week due to bandwidth issues):

Thanks @mcarlson for posting these. One comment - I don’t think we need a new IAM or API Gateway building block. I think we simply need to detail that functionality in the Security Building Block. We should identify the endpoints and data structures that are needed for IAM and API Gateway and document those flows at the bottom of the Security BB template doc. I will note that in the Security BB document as well.