Context
We’d like to add an admin search bar that lets Chickadee admins search for UWaterloo users by name and add them to the local server before first login.
However, OIDC usually supports authentication and profile claims for the currently logged-in user, not directory-wide search. Before designing or implementing this feature, we need to confirm whether UWaterloo provides a searchable directory service that Chickadee can access.
Goal
Determine whether Chickadee can support admin-side search of Waterloo users, and if so, what external service should back it.
Questions to Answer
- Does UWaterloo expose a searchable directory/API for people lookup?
- Is that capability available to our application, or would it require separate credentials/approval?
- What protocol is available?
- REST directory API
- SCIM
- LDAP / campus directory bridge
- something Waterloo-specific
- What fields can we search on?
- display name
- WatIAM username
- email
- student/staff identifiers
- What fields are returned and stable enough to use for local user creation?
- external subject / stable ID
- username
- display name
- email
- Are there policy/privacy/rate-limit constraints on using this service from an admin UI?
- Can we create local placeholder users from directory results before first login, or are there restrictions that would make that inappropriate?
Desired Outcome
Document one of the following:
- A concrete supported integration path for directory search, including endpoint/auth requirements and usable fields.
- A clear "not available / not permitted" conclusion, in which case we should not build this feature.
Acceptance Criteria
- We know whether Waterloo directory search is technically and administratively available.
- We know which external system would be used, if any.
- We know the minimum fields Chickadee could trust for creating a placeholder local user.
- We have a go/no-go recommendation for implementing admin-side Waterloo user search.
Assumptions
- This is a discovery issue only.
- No UI or backend implementation should begin until this question is answered.
- If no searchable directory is available, we should not ship a weaker local-only substitute under the same feature idea.
Context
We’d like to add an admin search bar that lets Chickadee admins search for UWaterloo users by name and add them to the local server before first login.
However, OIDC usually supports authentication and profile claims for the currently logged-in user, not directory-wide search. Before designing or implementing this feature, we need to confirm whether UWaterloo provides a searchable directory service that Chickadee can access.
Goal
Determine whether Chickadee can support admin-side search of Waterloo users, and if so, what external service should back it.
Questions to Answer
Desired Outcome
Document one of the following:
Acceptance Criteria
Assumptions