Versions Compared

Old Version 20

changes.mady.by.user Antoine Hage

Saved on

compared with

New Version 21

changes.mady.by.user Joe Kanaan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

This Pillar provides several modules that help you cook some ACL recipes, package them and assign them as products to tenants.

In Addition you can create tenants that will use your product, manage their applications and secure them via key security.

The modules within the Manage pillar are:



Productization
Anchor
productization
productization

The productization module offers the ability to secure your microservice & daemons and package them to assign them later on to tenants.

Here is a step by step approach on how to do that.


Add a new product
Anchor
product
product

From the dashboard, go to Manage pillar → Productization

Step 1:

Once there, you should see the default Dashboard Product with two packages in it.

Step 2:

Click on "Add New Product" and fill in the form.

Step 3:

You should now see an empty product right below the Dashboard Product.




Add a new package
Anchor
package
package

Now that you've added a new product, go ahead and add a new package in it so you can configure the ACL.

Similarly to the above, click add new package and fill in the form.


Note
titleRecap

So far, we've added a new product and added a new package inside it. Before continuing, we have to configure the ACL of the package.

The ACL is what will allow or deny access to the microservices and their APIs.




Edit package ACL
Anchor
packacl
packacl

Click on "Edit Package ACL" and you will be taken to a new page where you see the list of all activated services grouped under environment codes.

Check all the boxes of the services you want to allow this package to access.

The ACL works per environment, meaning if you deployed the same service in multiple environments, you can allow this package to access the service in one environment and prevent it in another.

You can learn more about deploying environments, check out the Deploy Pillar page.

Note
titleNote

When you check a service, it will expand and you will see 2 radio button: public and private.

Selecting public grants access to the service/API for anonymous users whereas private enforces that service/API access is only allowed for logged in users.




Multi-tenancy
Anchor
multi
multi

This module offers the ability to create and manage tenants and their applications.

It also allows us to link tenant to productized package and secure them via key security.

The module provides a list of all the tenants except the tenant you are logged in with, for that please head to Settings.

Here is a step by step approach on how to do that.

Add a new tenant
Anchor
tenant
tenant

Go to Manage → Multi-Tenancy and click "Add Tenant"

Step 1:

Here you will be prompted to create either a Client Tenant or a Product Tenant.

Product tenants are tenants that do not have users under them.

Client tenants are useless by themselves, they rely on their users to interact with your products.

Step 2:

After you choose the tenant role, fill the rest of the form to complete creating a tenant.

Note

While creating a tenant, if you pick a dashboard package for it, it means you want the users of this tenant to access the dashboard UI later on. If this is not the purpose of the tenant you are creating, do not pick a package for it from the drop down.

The drop down only shows package that belong to the Dashboard Product under productization.





Add new application
Anchor
app
app

After you create a tenant, assign an application for it and while doing that, pick the package you want to it to use from productization.





Generate a tenant external key
Anchor
key
key

Secure your tenant by generating an encrypted key. Keys are linked to applications and have additional security measures like geo, device and expiry options.

Step 1:


Step 2:

Pick an expiry date if you want your external key to expire at some point or leave it blank for unlimited. 

You can add additional security configuration such as device security and geolocation security.

Step 3:

Copy the external key value and place it in the header of your requests and you should be able to successfully access your services/APIs!




Configure services config per tenant
Anchor
configure
configure

Now that we have added a tenant, we can configure its services config, if required. Click here to learn more about services config.

Click on the "+" near the application name, then click on the Tenant Application Key, then on the Key Environment Configuration tab.

Here you will see a list of available environment where we can configure the services config.




Tenant Organization Chart
Anchor
tenantchart
tenantchart

The tenant organization chart module allows you to manage the users and groups of all available tenants except the tenant you are logged in with.

This module offers UI/UX wizards that interact with the URAC microservice deployed under the Dashboard environment.

To learn more about user registration and Access Control, check out the URAC space.



My Organization Chart
Anchor
orgchart
orgchart

My organization chart module allows you to manage the users and groups of the tenant you are logged in with ONLY.

This module offers UI/UX wizards that interact with the URAC microservice deployed under the Dashboard environment.

To learn more about user registration and Access Control, check out the URAC space.




Settings
Anchor
settings
settings

The Settings module will allow you to manage the settings of tenant your logged in with only. 

This module offers the same functionality that the multitenancy module does but is restricted to interact only with your tenant.

if you need to change information for other tenants, please head to multitenancy.