We're updating the issue view to help you get more done. 

Convert Insights from OIDC-based to JWT-based AuthN

Description

The Insights application (aka https://github.com/edx/edx-analytics-dashboard) is one of two remaining applications that still use DOP-based OpenID Connect authentication. The LMS course API was expanded to add the functionality needed to provide the course access information required by the Insights application in this merged PR:
https://github.com/edx/edx-platform/pull/21059

This information is currently passed to the Insights app inside the OIDC auth token. To remove the usage of OIDC, the Insights app will instead need to query the LMS course API post-auth, as prototyped by in this PR:
https://github.com/edx/edx-analytics-dashboard/pull/875

It's important to perform this work before the next Open edX release (Juniper) in order to announce the DOP/OIDC-based authentication as deprecated - and enable its removal before the K-release of Open edX. edx-analytics-dashboard is tagged in the Open edx release, so is considered as part of the release.

Acceptance Criteria:

  • Complete work on the Insights PR listed above, including implementation, review, and merging.

  • Create the needed DOT-based credentials (Insights client ID/secret) in the stage/production LMS DBs.

  • Implement and merge any needed configuration PRs to add the new Insights credentials.

  • Deploy the AuthN change to stage Insights and verify its proper operation.

  • Deploy the AuthN change to production Insights and verify its proper operation.

  • Deprecate the previously-used DOP client ID/secret in the stage/production LMS DBs.

Status

Epic Link

None

Story Points

None

Assignee

Unassigned

Reporter

Julia Eskew

Labels

None