# Meeting Notes 2024-11-19 ## Attendees - Victor Lu - @alexbabeanu - @davidbrossard - @vladi - Phillip M. (KC) ## Agenda - Vladi's presentation on Search/Partial evaluation - Outreach list ## Notes ### Search & Partial Evaluation - We have 2 proposals now - The original one @zirotrust put together ([link](https://hackmd.io/@oidf-wg-authzen/authzAPI)) - Vladi's [proposal](https://hackmd.io/@oidf-wg-authzen/HkLiZVdb1l) - We have relative consensus on the request format - Derivative of the AuthZEN request format with omitted attributes - Agreeing on the response format is harder - We could choose an existing query language e.g. SCIM's search/query language, SQL... - Can we agree on a broader format? - Challenge: existing solutions (PlainID, Axiomatics) have responses that are similar to the underlying policy language (XACML...) - Proposal: use SCIM's format (see sample vendor [documentation](https://bookstack.soffid.com/books/scim/page/scim-query-syntax) and [RFC7644](https://datatracker.ietf.org/doc/html/rfc7644)) - Use Cases - Runtime data filtering - Access Reviews - Entitlements generation - @alexbabeanu: let's try to align with existing search filters languages. - Victor briefly brought up IPSIE, the new OpenID WG and how he has a need to standardize authorization use cases across the enterprise. - David reached out to Aaron Parecki to try and include AuthZEN/ABAC into the IPSIE conversation. Next steps TBD ## Action Items - @vladi will take his proposal and update his examples to be inline with the AuthZEN `evaluate` proposal.