http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/app-security.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/app-security.html b/content/docs/security-and-auth/app-security.html index 247cf84..b0c6a1c 100644 --- a/content/docs/security-and-auth/app-security.html +++ b/content/docs/security-and-auth/app-security.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1 current"><a class="current reference internal" href="">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li> @@ -141,9 +143,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -158,6 +160,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul>
http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/authenticating-api-requests.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/authenticating-api-requests.html b/content/docs/security-and-auth/authenticating-api-requests.html index e5afa55..9a7ca6a 100644 --- a/content/docs/security-and-auth/authenticating-api-requests.html +++ b/content/docs/security-and-auth/authenticating-api-requests.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li> @@ -145,9 +147,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -162,6 +164,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> @@ -232,7 +235,8 @@ access.</p> API, and how to manage access tokens, including revoking and changing token time to live.</p> <p>For information on generating access tokens/authenticating users and -clients, see Authenticating users and application clients.</p> +clients, see <a class="reference external" href="../security-and-auth/authenticating-users-and-application-clients.html">Authenticating users and application +clients</a>.</p> <div class="section" id="authenticating-with-access-tokens"> <h2>Authenticating with access tokens<a class="headerlink" href="#authenticating-with-access-tokens" title="Permalink to this headline">¶</a></h2> <p>When you obtain an access token, you must provide it with every @@ -258,7 +262,7 @@ token is the sandbox application. The Guest role has been given full permissions (/** for GET, POST, PUT, and DELETE) for this application. This eliminates the need for a token when making application level calls to the sandbox app. For further information on specifying permissions, -see Managing access by defining permission rules.</p> +see <a class="reference external" href="security-and-auth/using-permissions.html">Using Permissions</a>.</p> </p></div></div> <div class="section" id="authenticating-with-client-id-and-client-secret"> <h2>Authenticating with client ID and client secret<a class="headerlink" href="#authenticating-with-client-id-and-client-secret" title="Permalink to this headline">¶</a></h2> @@ -275,9 +279,10 @@ Started’ section of the admin portal.</p> Warning: For server-side use only You should never authenticate this<p>way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those -credentials are compiled and in binary format. See Security best -practices for additional considerations in keeping access to your app -and its data secure.</p> +credentials are compiled and in binary format. See <a class="reference external" href="../security-and-auth/securing-your-app.html">Security Best +Practices</a> for +additional considerations in keeping access to your app and its data +secure.</p> </p></div><p>This can be a convenient way to authenticate API requests, since there is no need to generate and manage an access token, but please note that you should be very cautious when implementing this type of http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/authenticating-users-and-application-clients.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/authenticating-users-and-application-clients.html b/content/docs/security-and-auth/authenticating-users-and-application-clients.html index 7e1348f..83a62b4 100644 --- a/content/docs/security-and-auth/authenticating-users-and-application-clients.html +++ b/content/docs/security-and-auth/authenticating-users-and-application-clients.html @@ -32,7 +32,7 @@ <link rel="top" title="Apache Usergrid 1.0 documentation" href="../index.html"/> <link rel="next" title="Authentication levels" href="user-authentication-types.html"/> - <link rel="prev" title="Using permissions" href="using-permissions.html"/> + <link rel="prev" title="Using roles" href="using-roles.html"/> <script src="../_static/js/modernizr.min.js"></script> @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1 current"><a class="current reference internal" href="">Authenticating users & app clients</a><ul> <li class="toctree-l2"><a class="reference internal" href="#authentication-levels">Authentication levels</a></li> <li class="toctree-l2"><a class="reference internal" href="#application-user-authentication-user-login">Application user authentication (user login)</a><ul> @@ -171,9 +173,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -188,6 +190,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> @@ -338,9 +341,10 @@ Credentials’.</p> Warning: You should never authenticate this way from a client-side app<p>such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and -in binary format. See “safe mobile access” in <a class="reference external" href="authenticating-api-requests.html">Authenticating API -requests</a> for additional -considerations in keeping access to your app and its data secure.</p> +in binary format. See <a class="reference external" href="../security-and-auth/securing-your-app.html">Security Best +Practices</a> for +additional considerations in keeping access to your app and its data +secure.</p> </p></div><div class="section" id="id1"> <h3>Request syntax<a class="headerlink" href="#id1" title="Permalink to this headline">¶</a></h3> <div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/<orgName>/<appName>/token" -d '{"grant_type":"client_credentials", "client_id":<application_clientID>, "client_secret":"<application_client_secret>"}' @@ -380,8 +384,8 @@ supplies the username and password of an admin user in the request.</p> Warning: Authenticating as an admin user grants full access to one or<p>more organizations and all of the applications contained in those organizations. Due to this, be cautious when implementing this type of authentication in client-side code. Instead, consider implementing admin -user access in server-side code only. See “safe mobile access” in -<a class="reference external" href="authenticating-api-requests.html">Authenticating API requests</a> for +user access in server-side code only. See <a class="reference external" href="../security-and-auth/securing-your-app.html">Security Best +Practices</a> for additional considerations in keeping access to your app and its data secure.</p> </p></div><div class="section" id="id4"> @@ -425,9 +429,10 @@ Administration’ page of the API Services admin console under Warning: You should never authenticate this way from a client-side app<p>such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and -in binary format. See “safe mobile access” in [Authenticating API -requests](authenticating-api-requests.html for additional considerations -in keeping access to your app and its data secure.</p> +in binary format. See <a class="reference external" href="../security-and-auth/securing-your-app.html">Security Best +Practices</a> for +additional considerations in keeping access to your app and its data +secure.</p> </p></div><div class="section" id="id7"> <h3>Request syntax<a class="headerlink" href="#id7" title="Permalink to this headline">¶</a></h3> <div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/management/token" -d '{"grant_type":"client_credentials", "client_id":<org_clientID>, "client_secret":<org_client_secret>}' @@ -467,7 +472,7 @@ requests to the organization:</p> <a href="user-authentication-types.html" class="btn btn-neutral float-right" title="Authentication levels" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a> - <a href="using-permissions.html" class="btn btn-neutral" title="Using permissions" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a> + <a href="using-roles.html" class="btn btn-neutral" title="Using roles" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a> </div> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/changing-token-time-live-ttl.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/changing-token-time-live-ttl.html b/content/docs/security-and-auth/changing-token-time-live-ttl.html index bacf227..042b995 100644 --- a/content/docs/security-and-auth/changing-token-time-live-ttl.html +++ b/content/docs/security-and-auth/changing-token-time-live-ttl.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1 current"><a class="current reference internal" href="">Changing token expiration (time-to-live)</a><ul> @@ -151,9 +153,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -168,6 +170,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/facebook-sign.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/facebook-sign.html b/content/docs/security-and-auth/facebook-sign.html index 69ca5a2..1256eca 100644 --- a/content/docs/security-and-auth/facebook-sign.html +++ b/content/docs/security-and-auth/facebook-sign.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li> @@ -150,9 +152,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -167,6 +169,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> @@ -267,7 +270,7 @@ JavaScript, iOS, and Android.</p> <p>In brief, here are the steps for JavaScript. You can see these steps implemented in the Facebook login example packaged with the JavaScript SDK for Usergrid (which you can download in ZIP format or tar.gz -format). The Facebook login example is in the /examples/facebook +format). The Facebook login example is in the <code class="docutils literal"><span class="pre">/examples/facebook</span></code> directory of the extracted download. The code example snippets shown below are taken from the Facebook login example.</p> <div class="section" id="step-1-create-a-facebook-app"> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/revoking-tokens-logout.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/revoking-tokens-logout.html b/content/docs/security-and-auth/revoking-tokens-logout.html index f9b899a..3767655 100644 --- a/content/docs/security-and-auth/revoking-tokens-logout.html +++ b/content/docs/security-and-auth/revoking-tokens-logout.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li> @@ -149,9 +151,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -166,6 +168,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/securing-your-app.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/securing-your-app.html b/content/docs/security-and-auth/securing-your-app.html index f0638cf..d9339c3 100644 --- a/content/docs/security-and-auth/securing-your-app.html +++ b/content/docs/security-and-auth/securing-your-app.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li> @@ -149,9 +151,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -166,6 +168,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/user-authentication-types.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/user-authentication-types.html b/content/docs/security-and-auth/user-authentication-types.html index 7e8f76d..1954753 100644 --- a/content/docs/security-and-auth/user-authentication-types.html +++ b/content/docs/security-and-auth/user-authentication-types.html @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -117,6 +118,7 @@ <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li> <li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1 current"><a class="current reference internal" href="">Authentication levels</a><ul> <li class="toctree-l2"><a class="reference internal" href="#configuring-authentication-levels">Configuring authentication levels</a></li> @@ -146,9 +148,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -163,6 +165,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> @@ -238,8 +241,11 @@ this can be done both programmatically and in the admin portal. The application, organization and admin clients cannot be configured, and can only be accessed programmatically via the API.</p> <p>For more about creating and managing roles and permissions for -application users, see Managing access by defining permission rules. For -a look at how security features fit together, see App Security Overview.</p> +application users, see <a class="reference external" href="security-and-auth/using-permissions.html">Using +Permissions</a> and <a class="reference external" href="security-and-auth/using-roles.html">Using +Roles</a>. For a look at how +security features fit together, see <a class="reference external" href="../security-and-auth/app-security.html">App Security +Overview</a>.</p> </div> <div class="section" id="user-authentication-level"> <h2>User authentication level<a class="headerlink" href="#user-authentication-level" title="Permalink to this headline">¶</a></h2> @@ -257,9 +263,9 @@ a look at how security features fit together, see App Security Overview.</p> login for your app. The application user level allows access to your Usergrid application as governed by the permission rules you create and associated with users and user groups. For more on setting permissions -see Managing access by defining permission rules. Each Application User -is represented by a User entity in your Usergrid application. For more -about the User entity, see User.</p> +see <a class="reference external" href="security-and-auth/using-permissions.html">Using Permissions</a>. +Each Application User is represented by a User entity in your Usergrid +application. For more about the User entity, see User.</p> </td> </tr> </table></div> @@ -274,9 +280,11 @@ way from a client-side app, such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. Even when authenticating with username and password, be cautious when using these authentication -levels since they grant broad access to your Usergrid account. See “safe -mobile access” in Authenticating API requests for additional -considerations in keeping access to your app and its data secure.</p> +levels since they grant broad access to your Usergrid account. See +<a class="reference external" href="../security-and-auth/securing-your-app.html">Security Best +Practices</a> for +additional considerations in keeping access to your app and its data +secure.</p> </p></div> <table class="usergrid-table"> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/7662bc94/content/docs/security-and-auth/using-permissions.html ---------------------------------------------------------------------- diff --git a/content/docs/security-and-auth/using-permissions.html b/content/docs/security-and-auth/using-permissions.html index 9151f01..0b06bbd 100644 --- a/content/docs/security-and-auth/using-permissions.html +++ b/content/docs/security-and-auth/using-permissions.html @@ -31,7 +31,7 @@ <link rel="top" title="Apache Usergrid 1.0 documentation" href="../index.html"/> - <link rel="next" title="Authenticating users & app clients" href="authenticating-users-and-application-clients.html"/> + <link rel="next" title="Using roles" href="using-roles.html"/> <link rel="prev" title="Security & token authentication" href="app-security.html"/> @@ -82,14 +82,15 @@ <p class="caption"><span class="caption-text">Introduction</span></p> <ul> +<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Documentation Overview</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li> <li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li> </ul> <p class="caption"><span class="caption-text">Getting Started</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li> +<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li> <li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li> </ul> @@ -133,6 +134,7 @@ </li> </ul> </li> +<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li> <li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li> <li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li> <li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li> @@ -157,9 +159,9 @@ </ul> <p class="caption"><span class="caption-text">Assets & Files</span></p> <ul> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li> -<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li> +<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li> </ul> <p class="caption"><span class="caption-text">Counters & Events</span></p> <ul> @@ -174,6 +176,7 @@ <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li> <li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li> +<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li> </ul> <p class="caption"><span class="caption-text">API Reference</span></p> <ul> @@ -305,7 +308,7 @@ assigning the permission only to that user entity.</p> Assigning permissions to roles can be particularly useful, as it allows you to create sets of permissions that represent complex access definitions, which can then be assigned to user and group entities. For -more on roles, see Using roles.</p> +more on roles, see <a class="reference external" href="security-and-auth/using-roles.html">Using Roles</a>.</p> <div class="section" id="request-syntax"> <h3>Request syntax<a class="headerlink" href="#request-syntax" title="Permalink to this headline">¶</a></h3> <div class="highlight-python"><div class="highlight"><pre>curl -X POST https://api.usergrid.com/<org>/<app>/<collection>/<entity>/permissions -d '{"permission":<permissions>}' @@ -314,8 +317,8 @@ more on roles, see Using roles.</p> <p>Parameters</p> <table border="1" class="docutils"> <colgroup> -<col width="11%" /> -<col width="89%" /> +<col width="9%" /> +<col width="91%" /> </colgroup> <thead valign="bottom"> <tr class="row-odd"><th class="head">Parameter</th> @@ -336,7 +339,7 @@ more on roles, see Using roles.</p> <td>The UUID of the entity to assign the permissions to. For users, username and for groups, name are also accepted.</td> </tr> <tr class="row-even"><td>permissions</td> -<td>The permissions to assign to the entity. See Permissions syntax for format.</td> +<td>The permissions to assign to the entity. See <a class="reference external" href="security-and-auth/using-permissions.html#permissions-syntax">Permissions syntax</a> for format.</td> </tr> </tbody> </table> @@ -446,7 +449,7 @@ the response:</p> <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation"> - <a href="authenticating-users-and-application-clients.html" class="btn btn-neutral float-right" title="Authenticating users & app clients" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a> + <a href="using-roles.html" class="btn btn-neutral float-right" title="Using roles" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a> <a href="app-security.html" class="btn btn-neutral" title="Security & token authentication" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
