MPI User Model Requirement Request #5832

Open
joeniquette opened this issue Feb 2, 2021 · 1 comment

joeniquette commented Feb 2, 2021

MPI Identity Requirement Request

Background

A dependent of a Veteran, who is authorized to receive VA benefits, expects to be able to download an electronic version of the dependent benefits letter as quickly as it's requested. The dependent of a Veteran today does not have the ability to log in to VA.gov and download their dependent benefits letters. The dependent expects that when they log in, the benefits they are entitled to are presented to them in a reasonable manner to facilitate the usage of the benefits.

The reason a dependent cannot perform these actions electronically is because the SSOe user object does not contain the required user data to allow for application logic to present the correct relationship information.

Request

The requirement is to make available the sponsor information of a dependent within the user object returned during the SSOe login process. This data is best obtained from MPI, as the user information source of truth for the VA. Each user object in MPI:

  1. Must contain a user type, and one of these user types must be a dependent
  2. User type must be an array/list object, allowing for an identity to have multiple person types
  3. Person Type must contain dependent
  4. Person Type must contain sponsor
  5. Person Type must contain beneficiary
  6. Must contain an array object attribute which contains sponsor information of a user.
  7. The sponsor object must either be:
    a. null or
    b. contain ICN, firstname, lastname, and date of birth of the sponsor. The sponsor objects should be organized in 0...n array, sorted numerically by icn.
  8. Must contain all ICNs of user's sponsor(s)
  9. sponsor user attribute must be returned through an LOA3 (verified account) authorization SAML response

Use Case Validation

The definition of done for this requirement is when a dependent can log in to va.gov and download the dependents benefit letter. The MVP of this request requires that the user object within the SAML response contain the sponsor object with at minimum the ICN of all sponsors of the dependent user.

Contacts

@bosawt - VSP Identity Engineer
@jimiray - VSP Identity Engineer
@joeniquette - VSP Identity Security Engineer
IAM:
Damien DeAntonio - VA IAM team, contact for MPI
Jeffrey Kemple - MPI
Linda Reimonenq - MPI
Brian Toval - MPI
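
An added example, not part of the issue and not VA or MPI code: a check of a decoded user object against the numbered requirements above. The attribute names, the integer LOA value, and the reading of item 9 as "sponsor data appears only in LOA3 responses" are assumptions; item 8 is not checked because it needs MPI itself as the reference.

```python
# Added illustration. Attribute names (person_types, sponsors, icn, first_name,
# last_name, birth_date) and the integer LOA are hypothetical, not an MPI schema.
SPONSOR_FIELDS = ("icn", "first_name", "last_name", "birth_date")


def icn_key(icn):
    # Assumption: "sorted numerically by icn" means ordering by the ICN's digits.
    return int("".join(ch for ch in str(icn) if ch.isdigit()) or 0)


def validate_user(user, loa):
    """Return the list of requirement violations for one decoded user object."""
    errors = []
    types = user.get("person_types")
    if not isinstance(types, list) or not types:
        errors.append("person_types must be a non-empty list")  # items 1-2
        types = []
    if "sponsors" not in user:
        errors.append("sponsors attribute missing")  # item 6
        return errors
    sponsors = user["sponsors"]
    if sponsors is None:  # item 7a: null is allowed
        sponsors = []
    elif not isinstance(sponsors, list):
        return errors + ["sponsors must be null or a list"]
    if sponsors and loa < 3:
        errors.append("sponsor data released below LOA3")  # item 9 (assumed reading)
    for i, s in enumerate(sponsors):
        missing = [f for f in SPONSOR_FIELDS if not s.get(f)]  # item 7b
        if missing:
            errors.append(f"sponsors[{i}] missing {', '.join(missing)}")
    icns = [s.get("icn") for s in sponsors if s.get("icn")]
    if icns != sorted(icns, key=icn_key):
        errors.append("sponsors not sorted numerically by icn")  # item 7b
    if "dependent" in types and loa >= 3 and not icns:
        errors.append("dependent has no sponsor ICN")  # MVP in Use Case Validation
    return errors


# Constructed sample objects; the ICN values are made up for this example.
GOOD = {"person_types": ["dependent", "beneficiary"], "sponsors": [
    {"icn": "1000000001", "first_name": "A", "last_name": "Sample", "birth_date": "1960-01-01"},
    {"icn": "1000000002", "first_name": "B", "last_name": "Sample", "birth_date": "1962-02-02"}]}
BAD = {"person_types": "dependent", "sponsors": [
    {"icn": "1000000002", "first_name": "B", "last_name": "Sample"},
    {"icn": "1000000001", "first_name": "A", "last_name": "Sample", "birth_date": "1960-01-01"}]}
```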

@joeniquette
Contributor Author

This work still needs to be done; it should stay in the backlog.

@joeniquette joeniquette reopened this Sep 7, 2022