Proto file info/auth.proto
Service: AuthProvider
The auth provider service enables granular control of security permissions for a particular Smart Core controller or system. It does this using the concept of 'Accounts', each of which has a certain set of permissions for which device(s) and/or trait(s)/service(s) they are allowed to access.
| Method | Request Type | Response Type | Description |
|---|---|---|---|
| AddAccount | AddAccountRequest | AddAccountResponse | |
| RemoveAccount | RemoveAccountRequest | RemoveAccountResponse | |
| UpdateAccountPermissions | UpdateAccountPermissionsRequest | UpdateAccountPermissionsResponse | |
| GenerateToken | GenerateTokenRequest | GenerateTokenResponse |
Account
Represents an account which has access to this system
| Field Name | Type | Description |
|---|---|---|
| name | string | The account identifier |
| title | string | A descriptive name for this account |
| token | Token | The current token for this account |
| permissions | repeated Permission | The set of permissions granted to the token bearer |
Token
Represents a token that can be granted against an Account for
| Field Name | Type | Description |
|---|---|---|
| id | string | The token ID string |
| expires_at | google.protobuf.Timestamp | A time the token expires |
Permission
Describes a permission level for a particular device-trait
| Field Name | Type | Description |
|---|---|---|
| device_name | string | The fully qualified name of the device this permission represents, or '*' for all devices |
| trait_name | string | The fully qualified name of the trait on the specified device this permission represents (in package.Service format), or '*' for all traits |
| read | bool | Whether to allow read calls for this device-trait |
| write | bool | Whether to allow write calls for this device-trait |
| observe | bool | Whether to allow observe calls (i.e. Pull requests) for this device-trait |
AddAccountRequest
| Field Name | Type | Description |
|---|---|---|
| name | string | |
| title | string | |
| permissions | repeated Permission |
AddAccountResponse
| Field Name | Type | Description |
|---|---|---|
| account | Account |
RemoveAccountRequest
| Field Name | Type | Description |
|---|---|---|
| name | string |
RemoveAccountResponse
No fields defined.
UpdateAccountPermissionsRequest
| Field Name | Type | Description |
|---|---|---|
| change_type | smartcore.types.ChangeType | |
| permissions | repeated Permission |
UpdateAccountPermissionsResponse
No fields defined.
GenerateTokenRequest
| Field Name | Type | Description |
|---|---|---|
| account_name | string |
GenerateTokenResponse
| Field Name | Type | Description |
|---|---|---|
| token | Token |