I'm wanting to do something that may not be possible :-)
I have a service that I want to offer to multiple organisations.
I want the users of each organisation to authenticate according to the
needs or that organisation (e.g. against their own LDAP server).
I do not want to have to handle API keys as I have lots of organisations
and lots of services and lots of versions of those services, so think
managing those keys will fast become a nightmare. I am happy to use the
service as a public service, as long as the user is authenticated and
authorized.
e.g. I think what I want to do is create an application in each
organisation with a policy that does the authentication, and use a
public service that does the authorization based on expected role
granted to the user.
But the only way I can see to do this is to use plans, which involve the
need for API keys.
Any ways to do this?
Tim