-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs: update frontier provider docs for latest configs
- Loading branch information
1 parent
b689aee
commit 67e1619
Showing
1 changed file
with
46 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,14 +1,14 @@ | ||
| # Frontier | ||
|
|
||
| Frontier is a cloud native role-based authorization aware server and reverse-proxy system. With Frontier, you can assign roles to users or groups of users to configure policies that determine whether a particular user has the ability to perform a certain action on a given resource. Guardian supports access management to the following resources in Frontier: | ||
| [Frontier](https://raystack-frontier.vercel.app/) by Raystack is a role-based cloud-native user management system and authorization server for your applications and API endpoints. With Frontier, you can assign roles to users or groups of users to configure policies that determine whether a particular user has the ability to perform a certain action on a given resource. Guardian supports access management to the following resources in Frontier: | ||
|
|
||
| 1. Team | ||
| 2. Project | ||
| 3. Organization | ||
|
|
||
| ## Compatible version of Frontier : | ||
|
|
||
| <= v0.4.1 | ||
| Use version [v0.7.24](https://github.com/raystack/frontier/releases/tag/v0.7.24) or above of Frontier for Guardian to work properly. | ||
|
|
||
| ## Authentication | ||
|
|
||
|
|
@@ -21,6 +21,7 @@ Example Credential config for Frontier provider: | |
| credentials: | ||
| host: http://localhost:12345 | ||
| auth_email: "[email protected]" | ||
| auth_header: X-Frontier-Email | ||
| ``` | ||
| Example provider config for Frontier provider: | ||
|
|
@@ -31,8 +32,9 @@ Example provider config for Frontier provider: | |
| type: frontier | ||
| urn: frontier-provider-urn | ||
| credentials: | ||
| host: http://localhost:12345 | ||
| auth_email: "[email protected]" | ||
| host: http://localhost:7400 | ||
| auth_email: [email protected] | ||
| auth_header: X-Frontier-Email | ||
| allowed_account_types: | ||
| - user | ||
| resources: | ||
|
|
@@ -44,11 +46,11 @@ resources: | |
| - id: member | ||
| name: Member | ||
| permissions: | ||
| - users | ||
| - app_group_member | ||
| - id: admin | ||
| name: Admin | ||
| permissions: | ||
| - admins | ||
| - app_group_owner | ||
| - type: project | ||
| policy: | ||
| id: policy_id | ||
|
|
@@ -57,7 +59,15 @@ resources: | |
| - id: admin | ||
| name: Admin | ||
| permissions: | ||
| - admins | ||
| - app_project_owner | ||
| - id: manager | ||
| name: Manager | ||
| permissions: | ||
| - app_project_manager | ||
| - id: member | ||
| name: Member | ||
| permissions: | ||
| - app_project_member | ||
| - type: organization | ||
| policy: | ||
| id: policy_id | ||
|
|
@@ -66,24 +76,42 @@ resources: | |
| - id: admin | ||
| name: Admin | ||
| permissions: | ||
| - admins | ||
| - app_organization_owner | ||
| - id: manager | ||
| name: Manager | ||
| permissions: | ||
| - app_organization_manager | ||
| - app_organization_accessmanager | ||
| - id: member | ||
| name: Member | ||
| permissions: | ||
| - app_organization_viewer | ||
| ``` | ||
| ### Frontier Credentials | ||
| | Fields | | | ||
| | :----------- | :-------------------------------------------------------------------------------------------- | | ||
| | `host` | `string` Required. Frontier instance host Example: `http://localhost:12345` | | ||
| | `auth_email` | `email` Required. Email address of an account that has Organization Administration permission | | ||
| | Fields | | | ||
| | :------------ | :-------------------------------------------------------------------------------------------- | | ||
| | `host` | `string` Required. Frontier instance host Example: `http://localhost:12345` | | ||
| | `auth_email` | `email` Required. Email address of an account that has Organization Administration permission | | ||
| | `auth_header` | `string` Required. Header name for authentication. Default: `X-Frontier-Email` | | ||
|
|
||
| ### Frontier Resource Type | ||
|
|
||
| - `team` | ||
| - `project` | ||
| - `organization` | ||
| - team | ||
| - project | ||
| - organization | ||
|
|
||
| ### Frontier Resource Permission | ||
|
|
||
| | Type | Details | | ||
| | :----------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --- | | ||
| | Required. `string` | Frontier permission mapping **Possible values:** - <br/>`team`: `users` \(Member of team\), `admins` \(admin of team\) <br/>`project`:` admins` (Admin of project)<br/> `organization`:`admins` (Admin of Org) <br/> | | | ||
| | **Resource Type** | **Permission Name** | **Details** | | ||
| | :---------------- | :----------------------------- | :-------------------------- | | ||
| | organization | app_organization_owner | Organization Owner | | ||
| | organization | app_organization_manager | Organization Manager | | ||
| | organization | app_organization_accessmanager | Organization Access Manager | | ||
| | organization | app_organization_viewer | Organization Viewer | | ||
| | project | app_project_owner | Project Owner | | ||
| | project | app_project_manager | Project Manager | | ||
| | project | app_project_member | Project Member | | ||
| | team | app_group_owner | Group Owner | | ||
| | team | app_group_member | Group Member | | ||