CiviCRM / CRM-16173

System for simple, secure API connections

Details

• Documentation Required?: None
• Funding Source: Core Team Funds

Description

Securely setting up an API key to integrate an external system demands significant effort, e.g.

• Set up HTTPS (generate keypair, generate CSR, get it signed, install to server)
• Create a site key
• Create a CMS user
• Create a role and assign permissions to the role
• Assign an API key
• Send the site key and API key to the external system
• (Note: For some scripts, like bin/cron.php, the process is very similar, but you use a username and password instead of an API key.)

In an ideal world:

• An admin who wants to make a link could simply say "Connect to system X", review the expected permissions, and approve. Similarly, revoking access should be as simple as "Disconnect"ing.
• Permissions would be more fine-grained. In addition to specifying "view all contacts" or "administer CiviCRM", allow filtering based on specific API entities/actions/params.
• Public services aimed at general usage could be certified/audited to ensure that they operate securely (and banned if they abuse their access).
• Communications would be strongly encrypted, even on diverse/funky hosting infrastructure.

People

• Assignee: Tim Otten (timotten)
• Reporter: Tim Otten (timotten)
• Votes: 2
• Watchers: 6

Time Tracking

• Original Estimate: 2d 1h 30m
• Remaining Estimate: 3d 4h 30m
• Time Spent: 1w 3d 1h 5m