...

There are two types of users in the system: standard users and administrators (admins). When a new organization is created, the first admin user is automatically created along with it (the admin username and password are among the parameters required when a new organization is added).

Passwords

(TODO)

Logging in via a Google, Facebook, Twitter or LinkedIn account

(TODO)

Roles

...

Users can be grouped using roles. A single role can contain zero or more users, and a user can belong to zero or more roles. This makes access rights easier to maintain: the rights can be defined once at the role level, and users can then be added to roles as needed.

Secrets

When accessing the server via the API (for example, to upload a report), users are identified by a "secret". It is the application that calls the server via the API, and we do not want the application to store the user's username and password. That's why the application stores the secret, which can, if compromised, be deleted and regenerated.

When the organization is successfully created via the API, the admin user's secret is returned. The application needs to store this secret to use it later when uploading reports, adding other users, roles, setting security, etc. Please refer to the sample code RICDemo2.prg (https://bitbucket.org/eqeuscom/ricsamples/src/master/RICAPIClientVFP/ricdemo2.PRG) to see how the secret is returned and used.
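The secret lifecycle described above (issue, identify the user by it, delete and regenerate after a compromise) can be modelled as follows. This is an added example, not the product's own code: the `SecretStore` class, its method names and the sample username are hypothetical, and keeping only a hash of the secret on the server is an assumption about a reasonable implementation.

```python
import hashlib
import hmac
import secrets


class SecretStore:
    """Hypothetical server-side store: one active API secret per user."""

    def __init__(self):
        # username -> SHA-256 digest of the active secret.
        # The plaintext secret is never kept on the server (assumption).
        self._digests = {}

    @staticmethod
    def _digest(secret):
        return hashlib.sha256(secret.encode("utf-8")).digest()

    def issue(self, username):
        """Create or replace the user's secret and return it exactly once."""
        secret = secrets.token_urlsafe(32)  # 32 random bytes from the OS CSPRNG
        self._digests[username] = self._digest(secret)
        return secret

    def revoke(self, username):
        """Delete the user's secret, e.g. after a suspected compromise."""
        self._digests.pop(username, None)

    def authenticate(self, presented):
        """Return the username that owns the presented secret, or None."""
        candidate = self._digest(presented)
        owner = None
        for username, stored in self._digests.items():
            # Constant-time comparison, and no early exit from the loop.
            if hmac.compare_digest(stored, candidate):
                owner = username
        return owner


def demo():
    """Compromise scenario: the old secret stops working, the new one works."""
    store = SecretStore()
    user = "admin@example.org"  # constructed sample username
    old = store.issue(user)
    assert store.authenticate(old) == user
    store.revoke(user)          # secret reported as compromised
    new = store.issue(user)     # regenerate
    return store.authenticate(old), store.authenticate(new)


if __name__ == "__main__":
    print(demo())
```

Because the client application holds only the secret, revoking it cuts off a leaked copy without changing the user's password.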

Access rights

Access rights can be defined either on a folder level or a report level and you can define rights for individual users or roles (user groups). You can set access rights either manually, in the application, or via the API.

...