ADDED Requirements
Requirement: Credential storage API
The system SHALL provide authenticated CRUD APIs for credentials scoped to the current user.
Scenario: Create credential
- WHEN an authenticated user calls POST /credentials with siteOrigin, username, and password
- THEN the server stores the credential and returns the created record
Scenario: List credentials
- WHEN an authenticated user calls GET /credentials?siteOrigin=...
- THEN the server returns the matching credentials for that user
Scenario: Update credential
- WHEN an authenticated user calls PATCH /credentials/{id}
- THEN the server updates the credential and returns the updated record
Scenario: Delete credential
- WHEN an authenticated user calls DELETE /credentials/{id}
- THEN the server deletes the credential
Requirement: Credential plaintext reveal
The system SHALL allow authenticated users to request plaintext passwords for their own credentials.
Scenario: User requests plaintext
- GIVEN an authenticated user
- WHEN the user requests plaintext credential data
- THEN the server returns plaintext passwords for that user
Scenario: Admin requests plaintext
- GIVEN an authenticated admin user
- WHEN the admin requests plaintext credential data
- THEN the server returns plaintext passwords for the target user
Requirement: Admin credential access
The system SHALL allow an admin to list and manage any user’s credentials.
Scenario: Admin lists user credentials
- GIVEN an authenticated admin user
- WHEN the admin calls GET /admin/users/{id}/credentials
- THEN the server returns that user’s credentials
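
One way the per-user scoping and admin access in these requirements could be enforced, as an added example that is not part of the original spec or the project's code. `Principal`, `CredentialStore`, the in-memory storage, omitting the password from ordinary responses, and answering foreign ids with the same not-found error as missing ids are all assumptions; update and delete would pass through the same `_authorized` check.

```python
import itertools
from dataclasses import dataclass

@dataclass(frozen=True)
class Principal:  # hypothetical: identity the auth layer attaches to a request
    user_id: str
    is_admin: bool = False

@dataclass(frozen=True)
class Credential:
    id: int
    owner_id: str
    site_origin: str
    username: str
    password: str

class NotFound(Exception):
    """Same error for missing and foreign ids, so other users' ids are not confirmed."""

class CredentialStore:
    def __init__(self):
        self._rows, self._ids = {}, itertools.count(1)

    @staticmethod
    def _view(cred, reveal=False):
        # Assumption: ordinary responses omit the password; only reveal() returns it.
        out = {"id": cred.id, "siteOrigin": cred.site_origin, "username": cred.username}
        return {**out, "password": cred.password} if reveal else out

    def _authorized(self, who, cred_id):
        cred = self._rows.get(cred_id)
        if cred is None or not (who.is_admin or cred.owner_id == who.user_id):
            raise NotFound(cred_id)
        return cred

    def create(self, who, site_origin, username, password):  # POST /credentials
        # The owner always comes from the session, never from the request body.
        cred = Credential(next(self._ids), who.user_id, site_origin, username, password)
        self._rows[cred.id] = cred
        return self._view(cred)

    def list_for(self, who, owner_id=None, site_origin=None):  # owner_id set: admin route
        owner_id = owner_id or who.user_id
        if owner_id != who.user_id and not who.is_admin:
            raise PermissionError("admin role required")
        return [self._view(c) for c in self._rows.values()
                if c.owner_id == owner_id and site_origin in (None, c.site_origin)]

    def reveal(self, who, cred_id):  # plaintext reveal: owner or admin only
        return self._view(self._authorized(who, cred_id), reveal=True)
```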