... | ... | @@ -43,7 +43,7 @@ The group's name is case-insensitive. Please refer to [group creation guideline] |
|
|
|
|
|
### Domain
|
|
|
|
|
|
A domain is the top level online address that Schlumberger operates DELFI on e.g. _delfi.slb.com_.
|
|
|
A domain is the top level online address that a ISV operates SaaS on .
|
|
|
|
|
|
### Data partition
|
|
|
|
... | ... | @@ -53,7 +53,7 @@ All groups and permissions are unique at the data partition level, meaning grant |
|
|
|
|
|
### Elementary data partition groups
|
|
|
|
|
|
When a data partition is provisioned, corresponding group is created: **_users_** (e.g., _users@slb.p4d.cloud.slb-ds.com_).
|
|
|
When a data partition is provisioned, corresponding group is created: **_users_** (e.g., _users@instance.osdu.opengroup.org_).
|
|
|
|
|
|
Group named _users_ contains all the identities that are allowed access to the data partition in question. When a contract is created in DELFI, we create the corresponding data partition in the Data Ecosystem and all user identities are added to the users group of the corresponding data partition.
|
|
|
|
... | ... | @@ -81,7 +81,7 @@ Applicable _slb-data-partition-id_ values are: |
|
|
Both AppKey and SAuth token are required to be provided when calling Entitlements APIs.
|
|
|
|
|
|
### <a name="authorization">Authorization</a>
|
|
|
The SAuth app or client needs to be granted authorization through [developer portal](#https://test-slbdev.devportal.apigee.io) to the requested data partition, if the provided token is issued by the SAuth app or client. Note: common data partition is public to all SAuth app and client.
|
|
|
The SAuth app or client needs to be granted authorization through [developer portal]() to the requested data partition, if the provided token is issued by the SAuth app or client. Note: common data partition is public to all SAuth app and client.
|
|
|
The user encoded in the JWT needs to be added into the proper contract, to be granted permission to the requested data partition.
|
|
|
The SAuth service ID needs to be whitelisted by the Data Ecosystem support team, given the provided token is issued by the SAuth service. Please contact us via [Teams](#https://teams.microsoft.com/l/channel/19%3ad1e17837859f41748ffb264c6a444171%40thread.skype/Entitlements?groupId=bf1bf782-ae93-466e-acad-0db33222b783&tenantId=41ff26dc-250f-4b13-8981-739be8610c21).
|
|
|
|
... | ... | @@ -164,7 +164,7 @@ curl --request POST \ |
|
|
|
|
|
```
|
|
|
curl --request GET \
|
|
|
--url '/entitlements/v1/groups/service.example.viewers@slb.delfi.slb.com/members' \
|
|
|
--url '/entitlements/v1/groups/service.example.viewers@instance.osdu.opengroup.org/members' \
|
|
|
--header 'authorization: Bearer <JWT>' \
|
|
|
--header 'content-type: application/json' \
|
|
|
--header 'slb-data-partition-id: slb'
|
... | ... | @@ -176,7 +176,7 @@ curl --request GET \ |
|
|
|
|
|
```
|
|
|
curl --request POST \
|
|
|
--url '/entitlements/v1/groups/service.example.viewers@slb.delfi.slb.com/members' \
|
|
|
--url '/entitlements/v1/groups/service.example.viewers@instance.osdu.opengroup.org/members' \
|
|
|
--header 'authorization: Bearer <JWT>' \
|
|
|
--header 'content-type: application/json' \
|
|
|
--header 'slb-data-partition-id: slb' \
|
... | ... | @@ -192,12 +192,12 @@ curl --request POST \ |
|
|
|
|
|
```
|
|
|
curl --request POST \
|
|
|
--url '/entitlements/v1/groups/data/data.example.viewers@common.delfi.slb.com/members' \
|
|
|
--url '/entitlements/v1/groups/data/data.example.viewers@instance.osdu.opengroup.org/members' \
|
|
|
--header 'authorization: Bearer <JWT>' \
|
|
|
--header 'content-type: application/json' \
|
|
|
--header 'slb-data-partition-id: common' \
|
|
|
--data '{
|
|
|
"email": "users.example@slb.delfi.slb.com",
|
|
|
"email": "users.example@instance.osdu.opengroup.org",
|
|
|
"role": "MEMBER"
|
|
|
}'
|
|
|
```
|
... | ... | @@ -208,7 +208,7 @@ curl --request POST \ |
|
|
|
|
|
```
|
|
|
curl --request DELETE \
|
|
|
--url '/entitlements/v1/groups/service.example.viewers@slb.delfi.slb.com/members/member@domain.com' \
|
|
|
--url '/entitlements/v1/groups/service.example.viewers@instance.osdu.opengroup.org/members/member@domain.com' \
|
|
|
--header 'authorization: Bearer <JWT>' \
|
|
|
--header 'content-type: application/json' \
|
|
|
--header 'slb-data-partition-id: slb'
|
... | ... | |