Dynamic role creation of tenant in the Saas structure
We have Spring Boot projects that we wrote Rest API.We started to actively use aws. We are moving to the Saas structure and we want each client to define their own policy. For example, we have an API with the /getUser endpoint.Some of the tenants can create the "xxx" role. It can request users in the xx role to access this endpoint.Other tenants create the role "yy". It may not want users with this role to access the "getUser" endpoint.Is there a structure where tenants can define roles and manage dynamic these roles in endpoint style? Is there a framework that can solve this issue?I have used keycloack and spring security before. I can't come up with a simple solution using these
Actually, I have a request. Let me authorize tenants using the app. This user can define roles. Let my API endpoints group and create a role. Is there such a structure or what should it be?
You can easily build a custom implementation of the tenant specific roles. The below table shows the management of the tenant specific roles
We have unique constraint with RoleName & TenantId so as to allow multiple tenant's to support similar role names
The next table shows the permissions which can be applied to the role which is by tenant.
Note:
The data are for illustration, you might have entity and permissions against the entity and the RolePermissions table will have a collection of Identifiers instead of the Permission names.
This kind of system can be expanded with policy builder so that the tenants can build policy around these roles / permissions to govern the access to the application features / endpoints.
- Grant user DDL permissions on specific schema
- I cannot get the permission window to appear using "requestPermissionLauncher.launch(permissions)"
- Storage permission error in Marshmallow
- Permission danied when reading file from /var/lib/mysql-files
- How to set folders permissions in linux?
- chmod unable to change permissions
- How can I make Docker Desktop work for multiple users? "ERROR: Docker Desktop is not running" while Docker is working properly
- Is UWP software able to initiate a shutdown on Windows 10 (non-IoT)?
- When using docker-compose why are my files mounting like folders?
- Python module os.chmod(file, 664) does not change the permission to rw-rw-r-- but -w--wx----
- PermissionStatus API: Safari appears to support the change event but nothing fires when user allows microphone
- Android SDK 34 AppCompatActivity.requestPermissions does not display permission dialog, but does with Android SDK 29
- WordPress & Plugin version not updating on amazon-ec2
- npm install errors with Error: ENOENT, chmod
- spatie/laravel-permissions - Gate and hasPermissionTo are not working
- Jupyter Notebook: Access to the file was denied
- Flutter CLI, ran clean as root user, now I can't run it without sudo
- "detail": "Authentication credentials were not provided." django-rest_framaework
- Adding external users to Azure DevOps git repository and deny in multiple repositories isn't working
- What is the difference between privapp-permissions.xml in system/etc/permissions and default-permissions.xml in system/etc/default-permissions?
- Cannot resolve method checkSelfPermission
- Cannot resolve Manifest.permission.ACCESS_FINE_LOCATION
- How to restrict access in Azure DevOps to only one specific board?
- Listing permissions of Android application via adb
- Unable to request permissions for React Native Android App AUG 2024
- Linux tar command ignore files which permission denied
- Making exception in permissions (linux)
- How to execute a SQL Server stored procedure containing an ALTER statement from a database front end without granting it ALTER permissions?
- Saving PDF from Third Party App Causes Permission Issue - Android Kotlin
- SSH Key: “Permissions 0644 for 'id_rsa.pub' are too open.” on mac