Objective
The Manage pillar is the second pillar in the SOAJS Dashboard. This pillar allows you to create products and tenants, and manage their permissions.
Our main focus will be the Productization and Multi-Tenancy tabs in the left-hand side menu.
This space will show you how to:
Add a new product
| Anchor | ||||
|---|---|---|---|---|
|
From the dashboard, go to Manage pillar → Productization
Once there, you should see the default Dashboard Product with two packages in it
Click on "Add New Product" and a modal will pop up. Here, fill in the product code and product name for your product:
You should now see an empty product:
Add a new package
| Anchor | ||||
|---|---|---|---|---|
|
Now that you've added a new product, go ahead and add a new package to this product by clicking "Add New Package"
Similarly to the above, give your package a code and a name and click "Add Package":
| Note | ||
|---|---|---|
| ||
So far, we've added a new product and added a new package to that product. Before continuing, we have to edit the ACL of the package. The ACL is what will allow or disallow access to certain services or APIs within services. |
Edit package ACL
| Anchor | ||||
|---|---|---|---|---|
|
Click on "Edit Package ACL" and you will be taken to this screen:
Check all the boxes of the services you want to allow this package to access. These ACL also work per environment, meaning if you have deployed another environment called DEV, you can allow this package to access a service in DEV but disallow access to the service in DASHBOARD.
It is recommended to create a new environment different that the DASHBOARD environment to deploy services there. To learn more about deploying new environments, check out the Deploy Pillar page.
| Note | ||
|---|---|---|
| ||
When you check a service, it will expand and you will see 2 radio button: public and private.
Selecting public will allow access to the service/API even if the user is not logged in while selecting private enforces that servce/API access is only allowed for logged in users. |
Add a new tenant
| Anchor | ||||
|---|---|---|---|---|
|
We've created a new product, created a new package within that product, and configured the package with the appropriate access rights. This recipe is called an application. Now we need to create the tenant that will use this application.
Go to Manage → Multi-Tenancy and click "Add Tenant"
Here you will be prompted to create either a Client Tenant or a Product Tenant.
For example, if you have a frontend that will communicate with your services, it is good practice to create the frontend tenant under Product Tenant, and if you have a developer/DevOp/TechOp that requires access to the services, it is good practice to create them under Client Tenants.
After you choose the tenant role, go ahead and fill in the tenant name and the tenant email and click "Add Tenant". Now click on the tab where you created your tenant and you should see the following:
Add new application
| Anchor | ||||
|---|---|---|---|---|
|
Now that we have created our tenant, let's assign the application we created earlier to it. Remember that an application is the combination of a product, a package, and package ACL.
Click on the "+" near the tenant name, then click "Add New Application":
Select the product package that you created earlier and click "Add Application:
Generate a tenant external key
| Anchor | ||||
|---|---|---|---|---|
|
The last step is creating an external key so that it can be used in the header of your requests.
Click on the "+" near the package name and press "Add New Key" and a new private key will be generated:
Now click on the key itself and click on the External Keys tab and click "Add New Application External Key"
Pick an expiry date if you want your external key to expire, or do not select a date to make you key live forever. Moreover, you can add additional security features such as device security and geolocation security.
Once you are done, click "Submit" and you will see your generated key:
Now copy this key and place it in the header of your requests and you should be able to successfully access your services/APIs!