The difference between project token and user token - clarification needed

Question

I'd like to make sure that my understanding of concept of user tokens and project tokens is correct.

• When I use API as an admin and authenticate using user token, I can perform any action on projects that I have access to.
• When I use API and authenticate using project token, I can perform any action on that specific project

Am I right? Thanks in advance.

PS. I was trying to find some documentation regarding user roles but I failed. May you please clarify what are associated permissions to user roles you support in iron.io?

Answer 1

Piotr!

1. You are correct, user token gives you an ability to use IronWorker, IronMQ, and IronCache APIs. You can manage user tokens here.
2. In 2017 we introduced Organizational Support which allows companies to manage their users, projects, and clusters. Project-specific tokens allow accessing one or a set of projects in an Iron.io Org Support account without granting project privileges to individual users. The only way to access the project would be to use project-specific token. Users can embed it within their application(s) which call Iron.io services. You can manage project-specific tokens on the Org Support projects page.

P.S.: we are working on improving Org Support documentation and will publish it very soon. Also, the basic Org Support documentation is available here.