Page MenuHomePhabricator

Define the core attribute list managed in the IDM with all stakeholders
Open, Needs TriagePublic


We have an initial idea of what attributes we want to manage and their level of availability

  • Required attributes for everyone (e.g. Wikimedia Developer username)
  • Attributes required for new accounts, but which will need backfilling to eventually allow tools to expect them (e.g. such information could be added via migration scripts or when people log into the IDM for the first time)
  • Optional core attributes (those are attributes that can be set for any user, but are not required)

In addition to the core attributes there will be further sets of attributes which are enabled via account profiles. E.g. If someone selects the Hadoop account profile, this might enable an additional attribute on the user (display in a configurable tab) which allows users to enter a Kerberos user principal.

We need to define an initial set of attributes and solicit input from others who operate services using the Wikimedia Developer accounts.

  • WDA username (mandatory)
  • Given name (optional)
  • Email address (mandatory)
  • Password (mandatory)
  • Shell name for SSH logins (optional)
  • SSH key(s) used for Toolforge/Cloud VPS access
  • Mediawiki SUL (standard unified login) account name (mandatory)
  • Boolean whether the user has a wikitech account corresponding to their WDA username
  • IRC username (optional) (needs to be specified in a way which also corresponds to a network)
  • Phabricator username (optional)
  • More TDB, maybe things like language preferences

Comments/suggestions extremely welcome :-)

Event Timeline

Ideally I'd like to reuse the "owner" field from groups as a field to identify who can approve access requests. We need to check that the field is not used for anything important in other systems.