diff options
| author | ertopogo <erwin.t.pombett@gmail.com> | 2026-03-13 00:33:28 +0100 |
|---|---|---|
| committer | ertopogo <erwin.t.pombett@gmail.com> | 2026-03-13 00:33:28 +0100 |
| commit | b34873f98052ac5fb4bf6731a25730075796d764 (patch) | |
| tree | 0b27ef2996894287aaf382b43956d6cf45352e94 /INTEGRATIONS.md | |
Diffstat (limited to 'INTEGRATIONS.md')
| -rw-r--r-- | INTEGRATIONS.md | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/INTEGRATIONS.md b/INTEGRATIONS.md new file mode 100644 index 0000000..46bd9a0 --- /dev/null +++ b/INTEGRATIONS.md @@ -0,0 +1,15 @@ +# INTEGRATIONS
+## Integrations internes
+- Service/Projet: Plateforme Medias (stockage, acces API, visualisation)
+- Type d'echange: Autorisation JWT/OIDC, controles ACL, URLs pre-signees, metadonnees techniques
+- Contrat: Toute integration interne doit reference sa documentation d'installation, de configuration et de troubleshooting
+- Flux interne cible:
+ - Client web -> Caddy (araucaria) -> viewer-bff (Node/Express)
+ - viewer-bff -> media-access-api (verification droits)
+ - media-access-api -> MinIO (lecture objet autorise via URL pre-signee)
+## Integrations externes
+- Service: Keycloak externe (`kc.arauco.online`), Caddy (edge proxy), services clients consommateurs de medias
+- Auth: OIDC/OAuth2, JWT signe
+- Donnees echangees: Claims d'identite/roles/groupes, decision ACL, liens pre-signes a duree limitee, journaux d'acces
+- Criticite: Elevee (securite et disponibilite)
+- Exigence documentaire: Chaque integration externe doit disposer d'un runbook d'installation, de configuration et de depannage maintenu a jour
\ No newline at end of file |