Access Control
Anedya authenticates each client request using an access token. After authenticating the request, Anedya also validates access to the requested resource or action against the policy that was specified when the token was created. Here's a sample policy for the access token:
{
  "resources": {
    "nodes": [
      "----ADD YOUR NODES HERE---"
    ],
    "variables": [
      "----ADD YOUR VARIABLES HERE---"
    ]
  },
  "allow": [
    "data::getsnapshot",
    "data::getlatest",
    "data::gethistorical",
    "cmd::sendcommand",
    "cmd::listcommands",
    "cmd::getstatus",
    "cmd::invalidate"
  ]
}
The policy is divided into two objects, resources and allow. The resources section lists all the resources on which all the actions specified in allow are valid and allowed.
You can restrict users' access to a certain node and allow only certain actions to be carried out.
Please note that not all Anedya APIs support access tokens. Please refer to the API documentation to check which APIs support this option.
Please note that certain APIs may require access to multiple resources. For example, fetching variable data for a node requires both the node and the variable to be specified in the policy.
Each resource type in the policy has its constraints.
Resources
Nodes
Each access token can contain a list of nodes to which the token will allow access. At least one node must be specified in the policy.
You can define a maximum of 100 nodes in a single token. Each node needs to be in uuid format.
Variables
It defines the list of variables to which the user has access. You need to specify variable identifiers in array format. You can specify a maximum of 100 variables in a single token.
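The constraints above can be checked before a policy is submitted for token creation. The following is an added example, not Anedya's own code: the function names, the sample policies and the node UUID are constructed, and it assumes that "uuid format" means the canonical hyphenated form and that the data:: actions are the ones that fetch variable data.

```python
import uuid

MAX_NODES = 100
MAX_VARIABLES = 100
# Actions copied from the sample policy on this page. The page does not list the
# full set Anedya accepts, so anything else is reported for review, not rejected.
SAMPLE_ACTIONS = {
    "data::getsnapshot", "data::getlatest", "data::gethistorical",
    "cmd::sendcommand", "cmd::listcommands", "cmd::getstatus", "cmd::invalidate",
}

def is_uuid(value):
    """True only for the canonical 8-4-4-4-12 hyphenated form (assumption)."""
    try:
        return isinstance(value, str) and str(uuid.UUID(value)) == value.lower()
    except ValueError:
        return False

def check_policy(policy):
    """Return a list of problems; an empty list means the documented limits hold."""
    problems = []
    resources = policy.get("resources", {})
    nodes = resources.get("nodes", [])
    variables = resources.get("variables", [])
    allow = policy.get("allow", [])

    if not 1 <= len(nodes) <= MAX_NODES:
        problems.append(f"nodes: expected 1-{MAX_NODES} entries, got {len(nodes)}")
    problems += [f"nodes: {n!r} is not a UUID" for n in nodes if not is_uuid(n)]
    if len(variables) > MAX_VARIABLES:
        problems.append(f"variables: at most {MAX_VARIABLES}, got {len(variables)}")
    # Assumption: data::* actions read variable data, which needs node and variable.
    if any(a.startswith("data::") for a in allow) and not variables:
        problems.append("allow: data:: actions need at least one variable")
    problems += [f"allow: {a!r} is not in the sample action list"
                 for a in allow if a not in SAMPLE_ACTIONS]
    return problems

# Constructed sample policies (the UUID and variable name are made up).
GOOD = {"resources": {"nodes": ["3f2b8c1e-5a4d-4e6f-9b7a-1c2d3e4f5a6b"],
                      "variables": ["temperature"]},
        "allow": ["data::getlatest"]}
BAD = {"resources": {"nodes": ["node-1"], "variables": []},
       "allow": ["data::getlatest", "cmd::reboot"]}

if __name__ == "__main__":
    for name, policy in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_policy(policy) or "ok")
```

Listing only the nodes, variables and actions a given user needs, rather than starting from the full sample allow list, keeps each token's reach as small as the policy format permits.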