Getting started
You checked out all the concepts on how authentication, authorization and resource based access work in Multitenant Access Control? Or you are already familiar with such topics?
This chapter now covers the basic steps to go when applying this knowledge hands-on.
Start by topic
-
Start off by registering your application in Multitenant Access Control to enable all further steps. Get your application registered
-
Implement authentication by handling OAuth tokens in your use-case. Getting started with authentication
-
Implement authorization by using resources, roles and access control lists provided by Multitenant Access Control. Getting started with authorization
-
Use the resources provided by the system in a multitenant capable way
Start by use-case
-
Protect the REST endpoints of your module
-
Get registered as a module in Multitenant Access Control
-
Implement Resources, Roles and ACL checking
-
-
Call the protected endpoints of another module
-
Get registered as a module in Multitenant Access Control
-
Get assigned the appropriate roles to access the endpoint’s resource (see user manual)
-
Get a token specific to the resource owner and provide it as authentication header in the call
-
-
Restrict the UI of your module
-
Use the user token to load the currently assigned roles and privileges from the user ACL into the UI
-
Hide or restrict UI objects according to your resource requirements to improve user experience
-
Additionally restrict the access in the backend according to use-case 1
-