<div dir="ltr"><div>Hi folks! Happy new year, and thanks for attending today!<br clear="all"></div><div><br></div><div># Meeting Notes 2025-01-07<br><br>## Attendees<br><br>- @omri <br>- Mike Schwartz<br>- Dinesh<br>- Vladi<br>- Michiel<br>- @alexbabeanu <br>- Julio<br>- @davidbrossard <br>- Amos<br>- @eaz <br>- David Hyland<br><br>## Agenda<br>- 2025 H1 Roadmap<br>  - <a href="https://hackmd.io/FgnDl4iMTIa7xPQ18D7mfQ?view">https://hackmd.io/FgnDl4iMTIa7xPQ18D7mfQ?view</a><br>- Access Evaluations semantic in the spec based on the proposal discussed Dec 17<br>  - <a href="https://openid.github.io/authzen/authorization-api-1_0_02.html#name-evaluations-options">https://openid.github.io/authzen/authorization-api-1_0_02.html#name-evaluations-options</a><br>  - <a href="https://hackmd.io/wnRZovyfS4GJVE3ozqkqmA?view">https://hackmd.io/wnRZovyfS4GJVE3ozqkqmA?view</a><br>- JSON schema for access evaluation request/response merged<br>  - <a href="https://github.com/openid/authzen/blob/main/api/schemas/evaluation-request.schema.json">https://github.com/openid/authzen/blob/main/api/schemas/evaluation-request.schema.json</a><br>  - OpenID vs separate org/repo for code artifacts?<br>- Docker image to build the AuthZEN spec - Julio Auto created one!<br>  - <a href="https://github.com/openid/authzen/issues/150">https://github.com/openid/authzen/issues/150</a> <br>  - Issue is closed, but was there a PR to add these artifacts?<br>- Discuss Vladi's partial evaluation proposal<br>- HTTP extension proposal<br>- Kong integration!! (Vladi)<br><br>## Notes<br>- @omri provided an overview of the [roadmap](<a href="https://hackmd.io/FgnDl4iMTIa7xPQ18D7mfQ?view">https://hackmd.io/FgnDl4iMTIa7xPQ18D7mfQ?view</a>)<br>- Interop update<br>    - Learn from Shared Signals in terms of experience at Gartner<br>    - Provide 3 use cases (IdP, API GW, apps) for Gartner London<br><br>- Reminder to check the [list of target integrations](<a href="https://hackmd.io/@oidf-wg-authzen/target-integrations">https://hackmd.io/@oidf-wg-authzen/target-integrations</a>) and find one you can reach out to.<br>- Mike S. points out that the AuthZEN spec alone is not enough to determine what the payload should be<br>    - This is where profiling comes in<br>    - Vladi has the example for Kong<br>    - <br>- Mike S. says that Jans server already supports calling out to a PDP via AuthZEN through an interception script.<br>- We need a repo to store code artifacts separate from the OpenID AuthZEN repo.<br>    - David will create a Docker Hub user for the AuthZEN image<br>    - This is the org we will use for code: <a href="https://github.com/authzen">https://github.com/authzen</a><br><br>## Partial Evaluations API Review<br> - [Proposal](<a href="https://hackmd.io/Jhm_sYKfTlOq7ZlUAIuRRA">https://hackmd.io/Jhm_sYKfTlOq7ZlUAIuRRA</a>)<br> - David suggests we do a comparison of all 3 major approaches today<br>     - PlainID<br>     - Axiomatics<br>     - Open Policy Agent's Partial Evaluation<br><br>**Reminder**: we've decided to separate `partial evaluation` from `search` as they are radically different in their approach<br><br>  - Atul's original spec (which contains subject and resource search): <a href="https://openid.github.io/authzen/authorization-api-1_0-original.html#name-resource-search-api">https://openid.github.io/authzen/authorization-api-1_0-original.html#name-resource-search-api</a><br><br>## AOB<br>- [Jans documentation for AuthZEN](<a href="https://docs.jans.io/head/janssen-server/auth-server/endpoints/access-evaluation/">https://docs.jans.io/head/janssen-server/auth-server/endpoints/access-evaluation/</a>)<br>- [Target Integrations](<a href="https://hackmd.io/@oidf-wg-authzen/target-integrations">https://hackmd.io/@oidf-wg-authzen/target-integrations</a>)<br></div><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><table style="color:rgb(34,34,34);font-family:tahoma,sans-serif;border:none;border-collapse:collapse"><tbody><tr style="height:0pt"><td style="vertical-align:top;padding:5pt;overflow:hidden"><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><a href="http://www.aserto.com/" target="_blank"><img src="https://raw.githubusercontent.com/aserto-dev/artwork/main/logo/horizontal/color/aserto-horizontal-color.png" width="96" height="35"></a></p></td><td style="vertical-align:middle;padding:5pt;overflow:hidden"><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Roboto,sans-serif;color:rgb(0,0,0);background-color:transparent;font-weight:700;vertical-align:baseline;white-space:pre-wrap"><span style="font-size:10pt">Omri Gazitt</span><span style="font-weight:normal"><span style="font-family:Arial;background-color:transparent;vertical-align:baseline"><span style="white-space:pre">     </span></span></span><span style="font-size:10pt">| </span></span><span style="background-color:transparent;color:rgb(0,0,0);font-family:Roboto,sans-serif;font-size:10pt;white-space:pre-wrap">CEO</span></p><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><span style="font-size:10pt;font-family:Roboto,sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><a href="http://www.aserto.com/" target="_blank">Aserto</a> Inc.</span><span style="background-color:transparent;font-family:Arial;vertical-align:baseline"><span style="white-space:pre">  </span></span><span style="color:rgb(0,0,0);font-family:Roboto,sans-serif;font-weight:700;white-space:pre-wrap;font-size:10pt">| </span><span style="background-color:transparent;color:rgb(0,0,0);font-family:Roboto,sans-serif;font-size:10pt;white-space:pre-wrap">(425) 765-0079</span></p></td></tr></tbody></table></div></div></div>