3. Entities, Auth, and Roles

Definitions

Auth

The process of authenticating users and verifying credentials and permissions.

Interacting Entity

Any entity (user, service, plugin, etc) that is interacting with the system.

JWT

A Json Web Token (JWT) is a method for conveying information securely between entities, often used to convey authorization after authentication with an external provider.

3.1. JWT Based Auth

Entities are to authenticate themselves to the system with JWTs. We consume JWT’s to provide flexibility in auth provider, and the service is agnostic to any specific JWT provider.

3.2. Roles

The service uses roles in order to gatekeep if a particular interacting entity is allowed to access a given resource.

3.3. Keep track of entities interacting with the system

All entities that interact with the system are to be registered in the system, and available for reference in other areas.

3.3.1. Registration

The first time an interacting entity interacts with the system, it is registered as an entity.

3.3.2. Updates

When an entity interacts in subsequent requests, the information in the given JWT is checked against the current values stored in the database. If information differs, it is updated.

3.4. Allow entities to retrieve their own information

Entities are allowed to retrieve their own data held on them.

3.5. Allow information to be retrieved on other entities

3.5.1. Others’ full data

3.5.2. Others’ Reference

Entities should be able to retrieve a reference object for any other entity, containing a bare minimum of data about the other entity. Used to make sure UI’s can properly display basic entity information in context.