I am already using IDM together with Wilma PEP for access control to Orion. Now I want to achieve the same for outgoing notifications.
Example:
I have an app with users which, for example, shows devices. The user logs in and authenticates with FIWARE IDM to access the Orion instance. However, User A should only be allowed to access Device A and only get notifications for this Device.
In Orion I have a subscription defined which triggers when any Device changes. Now an external system is updating Device B.
I currently have a notification endpoint (a simple Node.js app) where the notification from the Device is passed back to the app via websocket.
Is there a way I can prevent sending the notification to User A? Is there a way I can check that notification with PEP and send it only to the allowed users?
I was thinking of first passing the received auth token from the IDM with the websocket to check if the user is authorized. However, I still don't know how to check to which user I should send the notification. Is there a way I could pass the notification request to the PEP proxy or any other solution?