You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@usergrid.apache.org by Anand Somani <me...@gmail.com> on 2014/12/10 05:03:35 UTC

question on usergrid model

Hi,

Just recently started looking at BAAS and we are looking at usergrid as a
solution for identity management.

As I look at the model I noticed that it is

Organization=>Application=>Users .....

This seems to indicate that if the organization has multiple Applications,
each application will have its own users, is that correct?
    => If no then how does that work, maybe just need to play with it.
    => If yes then obviously I do not understand the philosophy and it
would be awesome if somebody can explain or point me to some wiki/jira
where this is discussed

Thanks for your help
Anand

Re: question on usergrid model

Posted by Rod Simpson <ro...@rodsimpson.com>.
Admin users are under orgs, app users are under apps.

Admin user has privy over all apps in the org and has full access to all resources.  App users only have access to resources under the app where they have been created.  Also, the administrator can create permissions that will govern what resources app level users have access to.

For example, if you are making an app, you are an admin user.  You will have full access.  Users who download your app and install it on their devices are app level users.  


-- 
Rod Simpson
@rockerston
rodsimpson.com

On December 11, 2014 at 2:48:55 PM, Anand Somani (meatforums@gmail.com) wrote:

Thanks for the response 

Typically users belong to organizations and they use various applications. So what is the logic for putting them under applications?

Looks like at the organization the users are administrators and have all permissions? 
Also looks like I can associate these admin users with multiple organizations?

Will play with it to see what it provides

On Wed, Dec 10, 2014 at 7:20 AM, Dave Johnson <sn...@gmail.com> wrote:

On Dec 9, 2014, at 11:03 PM, Anand Somani <me...@gmail.com> wrote:
Just recently started looking at BAAS and we are looking at usergrid as a solution for identity management. 

As I look at the model I noticed that it is 

Organization=>Application=>Users .....

This seems to indicate that if the organization has multiple Applications, each application will have its own users, is that correct? 
    => If no then how does that work, maybe just need to play with it. 
    => If yes then obviously I do not understand the philosophy and it would be awesome if somebody can explain or point me to some wiki/jira where this is discussed

You are correct that Organizations have Applications and Applications have users. 

Organizations can have users too.  

There is a special Management path that allows access to Organizational entities. For example, if you have a superuser access token you would make an HTTP call like this to get all organizations:

        GET /management/organizations

And, each organization can have a collection of admin users. 
For example, for organization “bigco” you would get users like so:

        GET /management/organizations/bigco/users

To add an organization admin user you would do something like this:

        POST /management/organizations/bigco/users

And you would send data like this: '{"email”:”randomdude@example.com","password”:”abc123”}'

This material does not seem to be covered in the Usergrid docs (http://usergrid.readthedocs.org/en/latest/organizations-admins.html).

But it is covered in the Apigee API BaaS docs 
(http://apigee.com/docs/app-services/content/organization).

We should fix that.

Dave

Re: question on usergrid model

Posted by Anand Somani <me...@gmail.com>.
Thanks for the response

Typically users belong to organizations and they use various applications.
So what is the logic for putting them under applications?

Looks like at the organization the users are administrators and have all
permissions?
Also looks like I can associate these admin users with multiple
organizations?

Will play with it to see what it provides

On Wed, Dec 10, 2014 at 7:20 AM, Dave Johnson <sn...@gmail.com> wrote:

>
> On Dec 9, 2014, at 11:03 PM, Anand Somani <me...@gmail.com> wrote:
> Just recently started looking at BAAS and we are looking at usergrid as a
> solution for identity management.
>
> As I look at the model I noticed that it is
>
> Organization=>Application=>Users .....
>
> This seems to indicate that if the organization has multiple Applications,
> each application will have its own users, is that correct?
>     => If no then how does that work, maybe just need to play with it.
>     => If yes then obviously I do not understand the philosophy and it
> would be awesome if somebody can explain or point me to some wiki/jira
> where this is discussed
>
>
> You are correct that Organizations have Applications and Applications have
> users.
>
> Organizations can have users too.
>
> There is a special Management path that allows access to Organizational
> entities. For example, if you have a superuser access token you would make
> an HTTP call like this to get all organizations:
>
>         GET /management/organizations
>
> And, each organization can have a collection of admin users.
> For example, for organization “bigco” you would get users like so:
>
>         GET /management/organizations/bigco/users
>
> To add an organization admin user you would do something like this:
>
>         POST /management/organizations/bigco/users
>
> And you would send data like this: '{"email”:”randomdude@example.com
> ","password”:”abc123”}'
>
> This material does not seem to be covered in the Usergrid docs (
> http://usergrid.readthedocs.org/en/latest/organizations-admins.html).
>
> But it is covered in the Apigee API BaaS docs
> (http://apigee.com/docs/app-services/content/organization).
>
> We should fix that.
>
> Dave
>

Re: question on usergrid model

Posted by Dave Johnson <sn...@gmail.com>.
> On Dec 9, 2014, at 11:03 PM, Anand Somani <me...@gmail.com> wrote:
> Just recently started looking at BAAS and we are looking at usergrid as a solution for identity management. 
> 
> As I look at the model I noticed that it is 
> 
> Organization=>Application=>Users .....
> 
> This seems to indicate that if the organization has multiple Applications, each application will have its own users, is that correct? 
>     => If no then how does that work, maybe just need to play with it. 
>     => If yes then obviously I do not understand the philosophy and it would be awesome if somebody can explain or point me to some wiki/jira where this is discussed

You are correct that Organizations have Applications and Applications have users. 

Organizations can have users too.  

There is a special Management path that allows access to Organizational entities. For example, if you have a superuser access token you would make an HTTP call like this to get all organizations:

        GET /management/organizations

And, each organization can have a collection of admin users. 
For example, for organization “bigco” you would get users like so:

        GET /management/organizations/bigco/users

To add an organization admin user you would do something like this:

        POST /management/organizations/bigco/users

And you would send data like this: '{"email”:”randomdude@example.com","password”:”abc123”}'

This material does not seem to be covered in the Usergrid docs (http://usergrid.readthedocs.org/en/latest/organizations-admins.html <http://usergrid.readthedocs.org/en/latest/organizations-admins.html>).

But it is covered in the Apigee API BaaS docs 
(http://apigee.com/docs/app-services/content/organization <http://apigee.com/docs/app-services/content/organization>).

We should fix that.

Dave