Hi Rubin team,
We reviewed RTN-003 and related authentication/authorization guidance (including DMTN-253), and we’re implementing our cutout workflow to be compliant for proprietary Rubin data access as an IDAC.
At a high level, we are:
- enforcing authenticated access with org context,
- requiring Rubin-linked user identity/entitlement checks for proprietary cutout access,
- ensuring proprietary cutout outputs are not exposed publicly.
Could you please register two OIDC clients for us:
- adam-api-rubin-prod
Redirect URI: https://adam-api.app.b612.ai/api/users/rubin/link/callback/ - adam-api-rubin-dev
Redirect URI: https://adam-api-oidc.dev.b612.ai/api/users/rubin/link/callback/
We’ll route local developer testing through that single dev callback host, so two client credentials should be sufficient.
Please confirm this setup is acceptable, and if there are specific required scopes/claims you want us to rely on for entitlement checks.
Thanks.