Meeting Notes 2025-01-07

# Meeting Notes 2025-01-07 ## Attendees - @omri - Mike Schwartz - Dinesh - Vladi - Michiel - @alexbabeanu - Julio - @davidbrossard - Amos - @eaz - David Hyland ## Agenda - 2025 H1 Roadmap - https://hackmd.io/FgnDl4iMTIa7xPQ18D7mfQ?view - Access Evaluations semantic in the spec based on the proposal discussed Dec 17 - https://openid.github.io/authzen/authorization-api-1_0_02.html#name-evaluations-options - https://hackmd.io/wnRZovyfS4GJVE3ozqkqmA?view - JSON schema for access evaluation request/response merged - https://github.com/openid/authzen/blob/main/api/schemas/evaluation-request.schema.json - OpenID vs separate org/repo for code artifacts? - Docker image to build the AuthZEN spec - Julio Auto created one! - https://github.com/openid/authzen/issues/150 - Issue is closed, but was there a PR to add these artifacts? - Discuss Vladi's partial evaluation proposal - HTTP extension proposal - Kong integration!! (Vladi) ## Notes - @omri provided an overview of the [roadmap](https://hackmd.io/FgnDl4iMTIa7xPQ18D7mfQ?view) - Interop update - Learn from Shared Signals in terms of experience at Gartner - Provide 3 use cases (IdP, API GW, apps) for Gartner London - Reminder to check the [list of target integrations](https://hackmd.io/@oidf-wg-authzen/target-integrations) and find one you can reach out to. - Mike S. points out that the AuthZEN spec alone is not enough to determine what the payload should be - This is where profiling comes in - Vladi has the example for Kong - - Mike S. says that Jans server already supports calling out to a PDP via AuthZEN through an interception script. - We need a repo to store code artifacts separate from the OpenID AuthZEN repo. - David will create a Docker Hub user for the AuthZEN image - This is the org we will use for code: https://github.com/authzen ## Partial Evaluations API Review - [Proposal](https://hackmd.io/Jhm_sYKfTlOq7ZlUAIuRRA) - David suggests we do a comparison of all 3 major approaches today - PlainID - Axiomatics - Open Policy Agent's Partial Evaluation **Reminder**: we've decided to separate `partial evaluation` from `search` as they are radically different in their approach - Atul's original spec (which contains subject and resource search): https://openid.github.io/authzen/authorization-api-1_0-original.html#name-resource-search-api ## AOB - [Jans documentation for AuthZEN](https://docs.jans.io/head/janssen-server/auth-server/endpoints/access-evaluation/) - [Target Integrations](https://hackmd.io/@oidf-wg-authzen/target-integrations)