Story #11453
Updated by Tom Morris about 7 years ago
Basic elements: - a single login server which provides authentication for all clusters in the network - a single user UUID is used across all nodes in the cluster. API server needs two additional features: 1. Validate salted token by contacting origin cluster 2. As an origin cluster, validate a received token from a remote cluster Validation requests return the user record valid/invalid, UUID, username, email address, as well as a lifetime after which is used to populate the local user table, along with an expiration time after which revalidation token should occur. be revalidated by the caller. Draft: [[Federated identity]] Migration process from local identity to network identity is separate