Fixing more missing references. (cherry picked from commit fa4c74aa2630193dfc15d33dc959d30211419330)
Project: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/commit/16306f42 Tree: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/tree/16306f42 Diff: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/diff/16306f42 Branch: refs/heads/two-dot-o-dev Commit: 16306f428ef2402c254ff884d48e98def5e6f86c Parents: d54b0fb Author: Dave Johnson <snoopd...@apache.org> Authored: Thu Aug 6 13:10:32 2015 -0400 Committer: Dave Johnson <snoopd...@apache.org> Committed: Wed Aug 12 13:02:47 2015 -0400 ---------------------------------------------------------------------- docs/data-queries/operators-and-types.md | 2 +- docs/data-queries/query-parameters.md | 2 +- docs/data-queries/querying-your-data.md | 2 +- docs/data-storage/collections.md | 8 ++++---- docs/data-storage/data-store-dbms.md | 4 ++-- docs/data-storage/entities.md | 10 +++++----- docs/entity-connections/retrieving-entities.md | 9 ++++----- docs/geolocation/geolocation.md | 2 +- docs/getting-started/creating-a-new-application.md | 6 ++++-- docs/getting-started/creating-account.md | 6 +++--- docs/getting-started/using-a-sandbox-app.md | 2 +- docs/getting-started/using-the-api.md | 2 +- docs/index.rst | 2 +- docs/introduction/data-model.md | 2 +- docs/orgs-and-apps/application.md | 2 +- docs/security-and-auth/authenticating-api-requests.md | 6 +++--- .../authenticating-users-and-application-clients.md | 6 +++--- docs/security-and-auth/facebook-sign.md | 2 +- docs/security-and-auth/user-authentication-types.md | 6 +++--- docs/security-and-auth/using-permissions.md | 2 +- docs/security-and-auth/using-roles.md | 2 +- docs/user-management/activity.md | 11 +++++------ 22 files changed, 48 insertions(+), 48 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/data-queries/operators-and-types.md ---------------------------------------------------------------------- diff --git a/docs/data-queries/operators-and-types.md b/docs/data-queries/operators-and-types.md index c67ccd1..bb42107 100644 --- a/docs/data-queries/operators-and-types.md +++ b/docs/data-queries/operators-and-types.md @@ -64,7 +64,7 @@ As you develop queries, remember that entity properties each conform to a partic For example, if you create an entity with a price property with a value of 100.00, querying for 100 will return no results, since the API expected a decimal-delimited float value in your query. -For a list of property data types for each default entities, see Default Data Entity Types. +For a list of property data types for each default entities, see [Default Data Entities](../rest-endpoints/api-doc.html#models)s. <table class="usergrid-table"> <tr> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/data-queries/query-parameters.md ---------------------------------------------------------------------- diff --git a/docs/data-queries/query-parameters.md b/docs/data-queries/query-parameters.md index 9f9fc68..944c27b 100644 --- a/docs/data-queries/query-parameters.md +++ b/docs/data-queries/query-parameters.md @@ -48,7 +48,7 @@ The following table lists a few examples of the kind of searches you can do in q ### Location -If you've stored location data with your entities, you can query for the proximity of the geographical locations those entities represent. For more information on geolocation, see Geolocation. +If you've stored location data with your entities, you can query for the proximity of the geographical locations those entities represent. For more information on geolocation, see [Geolocation](../geolocation/geolocation.html). <table class="usergrid-table"> <tr> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/data-queries/querying-your-data.md ---------------------------------------------------------------------- diff --git a/docs/data-queries/querying-your-data.md b/docs/data-queries/querying-your-data.md index fa10169..2da961d 100644 --- a/docs/data-queries/querying-your-data.md +++ b/docs/data-queries/querying-your-data.md @@ -42,7 +42,7 @@ For example, the following request returns the address and phone number of users When you query your data, the API response is formatted in JavaScript Object Notation (JSON). This is a common format used for parameter and return values in REST web services. -Data corresponding to the response is captured in the responseâs entities array. The array will include one JSON-object for each entity returned for the query. Each returned entity will include a number of default properties, including the UUID of the entity, the entity type, and values for properties such as name, username, email, and so on. For a complete list of default properties by entity type, see Default Data Entity Types. +Data corresponding to the response is captured in the responseâs entities array. The array will include one JSON-object for each entity returned for the query. Each returned entity will include a number of default properties, including the UUID of the entity, the entity type, and values for properties such as name, username, email, and so on. For a complete list of default properties by entity type, see [Default Data Entities](../rest-endpoints/api-doc.html#models). For example, the following query for all entities of type user where the name property equals 'Gladys Kravitz': http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/data-storage/collections.md ---------------------------------------------------------------------- diff --git a/docs/data-storage/collections.md b/docs/data-storage/collections.md index c072104..fa8652e 100644 --- a/docs/data-storage/collections.md +++ b/docs/data-storage/collections.md @@ -4,7 +4,7 @@ This article describes how to create collections in Advanced Usergrid. All entities are automatically associated with a corresponding collection based on the type property of the entity. You may create empty collections if you wish, but creating an entity of a new type will automatically create a corresponding collection for you. For example, creating a new custom "item" entity, creates an "items" collection. -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Creating a collection @@ -51,7 +51,7 @@ This article describes how to retrieve all of the entities in a collection. <div class="admonition note"> <p class="first admonition-title">Note</p> <p class="last">â¨By default, the Usergrid API returns 10 entities per request. For collections with more than 10 entities, use the returned 'cursor' property to retrieve the next 10 entities in the result set. You may also use the LIMIT parameter in a query string to increase the number of results returned. For more information on using cursors, see [Query Parameters](../data-queries/query-parameters.html).</p></div> -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Retrieving sets of entities from a collection @@ -115,7 +115,7 @@ Response: This article describes how to perform batch updates on all entities in a collection. Batch updates require the use of a query string in the request, which can either specify all entities in the collection or a subset of entities for the update to be performed on. For more information on queries, see Querying your data. -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Batch updating entities in a collection @@ -185,7 +185,7 @@ This article describes how to batch delete entities in a collection. Batch delet Currently, collections cannot be deleted; however, you can delete all of the entities from a collection. -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Batch deleting entities in a collection http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/data-storage/data-store-dbms.md ---------------------------------------------------------------------- diff --git a/docs/data-storage/data-store-dbms.md b/docs/data-storage/data-store-dbms.md index 539cca6..0ea09d4 100644 --- a/docs/data-storage/data-store-dbms.md +++ b/docs/data-storage/data-store-dbms.md @@ -4,10 +4,10 @@ The Usergrid data store is backed by Cassandra, an open source distributed DBMS. <!-- workaround a Sphinx bug --> <div class="admonition note"> <p class="first admonition-title">Note</p> <p class="last"> -Usergrid is not a relational database. Optimizing for performance on a non-relational database like Cassandra differs a bit from relational databases. For more information, see Optimizing access to your Usergrid data store.</p> </div> +Usergrid is not a relational database. Optimizing for performance on a non-relational database like Cassandra differs a bit from relational databases. For more information, see [Optimizing access to your Usergrid data store](../data-storage/optimizing-access.html).</p> </div> -Cassandra is specifically designed to support applications that need flexibility and high scalability, particularly web and mobile applications. Usergrid client applications write and read data formatted as JavaScript Object Notation (JSON). (Usergrid provides SDKs through which client apps can do much of this work in their native language. For more information, see Usergrid SDKs.) +Cassandra is specifically designed to support applications that need flexibility and high scalability, particularly web and mobile applications. Usergrid client applications write and read data formatted as JavaScript Object Notation (JSON). (Usergrid provides SDKs through which client apps can do much of this work in their native language. For more information, see [Usergrid SDKs](../sdks/tbd.html).) With Cassandra as the underlying DBMS, apps benefit from: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/data-storage/entities.md ---------------------------------------------------------------------- diff --git a/docs/data-storage/entities.md b/docs/data-storage/entities.md index 5a70b18..be77ebd 100644 --- a/docs/data-storage/entities.md +++ b/docs/data-storage/entities.md @@ -5,7 +5,7 @@ This article describes how to create custom data entities and entity properties. The methods cited in this article should be used to create custom data entities. If you are using one of the Usergrid SDKs, use one of the entity type-specific SDK methods to create default data entities. -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Creating a custom entity When a new entity is created, Usergrid will automatically create a corresponding collection if one does not already exist. The collection will automatically be named with the plural form of the entity type. For example, creating a custom entity of type 'item' will automatically create a collection named 'items' in which all future 'item' entities will be saved. @@ -144,7 +144,7 @@ Any valid JSON object can be stored in an entity, regardless of the level of com ### Updating sub-properties An array of sub-properties is treated as a single object. This means that sub-properties cannot be updated atomically. All sub-properties of a given property must be updated as a set. -For more on updating an existing sub-property, see Updating Data Entities. +For more on updating an existing sub-property, see [Updating Data Entities](../data-storage/entities.html#updating-data-entities). Example Request/Response @@ -193,7 +193,7 @@ Example Request/Response ## Retrieving Data Entities This article describes how to retrieve entities from your account. -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. With the exception of the user entity, all data entities can be retrieved by using their UUID or a 'name' property. The user entity can be retrieved by UUID or the 'username' property. The value for the 'name' or 'username' property must be unique. @@ -333,7 +333,7 @@ Response: This article describes how to update entities in your account. -__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__: Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Updating an entity One or more properties can be updated with a single PUT request. For information on updating sub-properties, see Updating sub-properties below. @@ -454,7 +454,7 @@ Response: This article describes how to delete data entities. -__Note__:Although not shown in the API examples below, you need to provide a valid access token with each API call. See Authenticating users and application clients for details. +__Note__:Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details. ### Deleting an entity http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/entity-connections/retrieving-entities.md ---------------------------------------------------------------------- diff --git a/docs/entity-connections/retrieving-entities.md b/docs/entity-connections/retrieving-entities.md index 31eaf9c..6da8577 100644 --- a/docs/entity-connections/retrieving-entities.md +++ b/docs/entity-connections/retrieving-entities.md @@ -1,13 +1,12 @@ # Retrieving connections -Viewing all of an entities connections To see all of the connection types associated with an entity, simply retrieve the entity. -All of the connection types the entity has made to other entities will appear in the metadata.connections property. +All of the connection types the entity has made to other entities will appear in the ``metadata.connections`` property. -All of the connection types that other entities have made to the entity will appear in the metadata.connecting property. +All of the connection types that other entities have made to the entity will appear in the ``metadata.connecting`` property. -For user entities, following/followers connections can be accessed by sending a GET request to the URL in the collections.following and collections.followers properties. +For user entities, following/followers connections can be accessed by sending a ``GET`` request to the URL in the ``collections.following`` and ``collections.follower``s properties. Retrieve connected entities by connection type To get a list of entities a specified entity has connected to with a specific connection type, do the following: @@ -83,7 +82,7 @@ All of the entities that have made a connection of that type to the specified en ## Retrieve all connecting entities by type -To get a list of all the entities that have created a connection of a specific type to a specified entity, use the same method as shown above in Retrieve connected entities by connection type, and set the relationship to connecting/<relationship>. +To get a list of all the entities that have created a connection of a specific type to a specified entity, use the same method as shown above in Retrieve connected entities by connection type, and set the relationship to ``connecting/<relationship>``. All of the entities that have made a connection to the specified entity will be returned in the entities property of the response. http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/geolocation/geolocation.md ---------------------------------------------------------------------- diff --git a/docs/geolocation/geolocation.md b/docs/geolocation/geolocation.md index ede4e3c..3da555c 100644 --- a/docs/geolocation/geolocation.md +++ b/docs/geolocation/geolocation.md @@ -36,7 +36,7 @@ Location-aware apps require the ability to return content and results based on t The returned results are sorted from nearest to furthest. Entities with the same location are returned in the order they were created. -The location parameter can be appended to any standard API Services query. For more information on how to query your API Services data, see Querying your data. +The location parameter can be appended to any standard API Services query. For more information on how to query your API Services data, see [Querying your Data](../data-queries/querying-your-data.html). For example, here is how you would find all the devices within 8,046 meters (~10 miles) of the center of San Francisco: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/getting-started/creating-a-new-application.md ---------------------------------------------------------------------- diff --git a/docs/getting-started/creating-a-new-application.md b/docs/getting-started/creating-a-new-application.md index cc5f577..ce5fb7a 100644 --- a/docs/getting-started/creating-a-new-application.md +++ b/docs/getting-started/creating-a-new-application.md @@ -8,7 +8,9 @@ To create a new application with the admin portal: 1. In the admin portal, from the dropdown menu at the far top left, select the organization to which you will add the new application. 1. Click the ADD NEW APP button, located at the top of the screen, next to the application drop-down. 1. In the dialog box, enter a new application name, then click the Create button. Your new application will automatically be selected in the applications drop-down menu. -Applications can also be created programmatically with a POST request to the API. For more, see Application. + +Applications can also be created programatically with a ``POST`` request to the API. For more, see [Application](../orgs-and-apps/application.html). ## Securing an application -If this is going to be a production application, be sure to configure security roles that provide only the level of access your users will need. For more on security, see Security best practices. \ No newline at end of file +If this is going to be a production application, be sure to configure security roles that provide only the level of access your users will need. For more on security, see [Security Best Practices](../security-and-auth/securing-your-app.html) +. \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/getting-started/creating-account.md ---------------------------------------------------------------------- diff --git a/docs/getting-started/creating-account.md b/docs/getting-started/creating-account.md index 1440926..f4f542a 100644 --- a/docs/getting-started/creating-account.md +++ b/docs/getting-started/creating-account.md @@ -3,7 +3,7 @@ To get started using the Usergrid, you'll need an Usergrid account. (Before read With an account, you get the following useful things: -* A sandbox application you can try things with (we automatically create one for you with your new account). The sandbox is a partitioned area of the data store where you can add example data and try out API calls. The sandbox isn't secure, but it's handy to play in. For more about the sandbox, see "Using Your Application Sandbox". +* A sandbox application you can try things with (we automatically create one for you with your new account). The sandbox is a partitioned area of the data store where you can add example data and try out API calls. The sandbox isn't secure, but it's handy to play in. For more about the sandbox, see [Using Your Application Sandbox](../getting-started/using-a-sandbox-app.html). * The ability to create more applications (in addition to the sandbox). You can (and should!) make these as secure as you need to. These are the applications that you'll have behind the apps you make available to your users. * Access to the Admin Portal. In the portal, you can do the following: ** Create and manage applications. @@ -11,11 +11,11 @@ With an account, you get the following useful things: ** Manage the data in your app. ** Manage app features, including push notifications, activities, analytics, and so on. ** Try out API calls with a shell command window. -** To create an Usergrid account and see a very short tutorial to get started with, go to the get started page. +** To create an Usergrid account and see a very short tutorial to get started with, go to the get started page of the Portal. ## Next steps Ready to learn and do more? -* Install an SDK that will be most useful for your application environment. For more about Usergrid's SDKs, see SDKs. +* Install an SDK that will be most useful for your application environment. For more about Usergrid's SDKs, see [SDKs](../sdks/tbd.html). * Review Usergrid features for information on concepts and features. * Consult the API Reference for usage details. \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/getting-started/using-a-sandbox-app.md ---------------------------------------------------------------------- diff --git a/docs/getting-started/using-a-sandbox-app.md b/docs/getting-started/using-a-sandbox-app.md index 7fb9cd1..75c296f 100644 --- a/docs/getting-started/using-a-sandbox-app.md +++ b/docs/getting-started/using-a-sandbox-app.md @@ -2,7 +2,7 @@ ## What is the sandbox application? -When you create a new Usergrid account (see Creating an Usergrid Account) to use services for developers, Usergrid creates a new application for you on its servers. With the new application, called "sandbox," you can add your own example data and try out API calls that do things with the data. Be sure to see Using the API for suggestions. +When you create a new Usergrid account (see [Creating an Usergrid Account](creating-account.html)) to use services for developers, Usergrid creates a new application for you on its servers. With the new application, called "sandbox," you can add your own example data and try out API calls that do things with the data. Be sure to see Using the API for suggestions. ## Is the sandbox secure? http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/getting-started/using-the-api.md ---------------------------------------------------------------------- diff --git a/docs/getting-started/using-the-api.md b/docs/getting-started/using-the-api.md index 9a7ba2d..d85f86a 100644 --- a/docs/getting-started/using-the-api.md +++ b/docs/getting-started/using-the-api.md @@ -59,7 +59,7 @@ For example, this request retrieves users whose Facebook first name is john: /users?ql=select * where facebook.first_name ='john' -For further information about queries, see Queries and parameters. +For further information about queries, see [Querying your Data](../data-queries/querying-your-data.html) ## Authentication (OAuth) Usergrid implements the OAuth 2.0 standard for authenticating users, clients and API requests. http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/index.rst ---------------------------------------------------------------------- diff --git a/docs/index.rst b/docs/index.rst index e3fab8f..bcb3092 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -18,8 +18,8 @@ Apache Usergrid Documentation :maxdepth: 2 :caption: Getting Started - getting-started/creating-a-new-application getting-started/creating-account + getting-started/creating-a-new-application getting-started/using-a-sandbox-app getting-started/using-the-api.md http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/introduction/data-model.md ---------------------------------------------------------------------- diff --git a/docs/introduction/data-model.md b/docs/introduction/data-model.md index 0278b97..111e225 100644 --- a/docs/introduction/data-model.md +++ b/docs/introduction/data-model.md @@ -8,7 +8,7 @@ An organization contains one or more applications, and represents administrator- An organization with the same name as your username is automatically created for you when you sign up. By default, you are assigned as the administrator of this organization. ## Applications -In Usergrid, you can create one or more applications within an organization. Applications represent an instance of application data associated with an app, and you may create as many applications as you wish. This allows you to utilize the backend in a way that corresponds to your development process. For example, you might create separate applications for development and production instances of your app. By default, all organization have a sandbox application (see Using a Sandbox Application for important information regarding the default sandbox application). +In Usergrid, you can create one or more applications within an organization. Applications represent an instance of application data associated with an app, and you may create as many applications as you wish. This allows you to utilize the backend in a way that corresponds to your development process. For example, you might create separate applications for development and production instances of your app. By default, all organization have a sandbox application (see Using a [Sandbox Application](../getting-started/using-a-sandbox-app.html) for important information regarding the default sandbox application). Each application provides the infrastructure for storing, retrieving, updating and deleting the entities and collections associated with a specific app instance. http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/orgs-and-apps/application.md ---------------------------------------------------------------------- diff --git a/docs/orgs-and-apps/application.md b/docs/orgs-and-apps/application.md index 7495aee..801b9ef 100644 --- a/docs/orgs-and-apps/application.md +++ b/docs/orgs-and-apps/application.md @@ -1,5 +1,5 @@ # Application -You can create a new application in an organization through the Admin portal. The Admin portal creates the new application by issuing a post against the management endpoint (see the "Creating an organization application" section in Organization for details). If you need to create an application programmatically in your app, you can also use the API to do this. You can access application entities using your app name or UUID, prefixed with the organization name or UUID: +You can create a new application in an organization through the Admin portal. The Admin portal creates the new application by issuing a post against the management endpoint (see the [Creating an Application](../orgs-and-apps/application.html#creating-an-application) section in Organization for details). If you need to create an application programmatically in your app, you can also use the API to do this. You can access application entities using your app name or UUID, prefixed with the organization name or UUID: https://api.usergrid.com/{org_name|uuid}/{app_name|uuid} http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/security-and-auth/authenticating-api-requests.md ---------------------------------------------------------------------- diff --git a/docs/security-and-auth/authenticating-api-requests.md b/docs/security-and-auth/authenticating-api-requests.md index af52bf6..d29e4cb 100644 --- a/docs/security-and-auth/authenticating-api-requests.md +++ b/docs/security-and-auth/authenticating-api-requests.md @@ -4,7 +4,7 @@ With the exception of the 'sandbox' application that is created with every Userg This article describes how to use access tokens to access the Usergrid API, and how to manage access tokens, including revoking and changing token time to live. -For information on generating access tokens/authenticating users and clients, see Authenticating users and application clients. +For information on generating access tokens/authenticating users and clients, see [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html). ## Authenticating with access tokens When you obtain an access token, you must provide it with every subsequent API call that you make. There are two ways to provide your access token. @@ -18,7 +18,7 @@ You can include the token in an HTTP authorization header: Authorization: Bearer {access_token} <div class="admonition note"> <p class="first admonition-title">Note</p> <p class="last">⨠-Note: The Usergrid documentation assumes you are providing a valid access token with every API call whether or not it is shown explicitly in the examples. Unless the documentation specifically says that you can access an API endpoint without an access token, you should assume that you must provide it. One application that does not require an access token is the sandbox application. The Guest role has been given full permissions (/** for GET, POST, PUT, and DELETE) for this application. This eliminates the need for a token when making application level calls to the sandbox app. For further information on specifying permissions, see Managing access by defining permission rules. +Note: The Usergrid documentation assumes you are providing a valid access token with every API call whether or not it is shown explicitly in the examples. Unless the documentation specifically says that you can access an API endpoint without an access token, you should assume that you must provide it. One application that does not require an access token is the sandbox application. The Guest role has been given full permissions (/** for GET, POST, PUT, and DELETE) for this application. This eliminates the need for a token when making application level calls to the sandbox app. For further information on specifying permissions, see [Using Permissions](security-and-auth/using-permissions.html). </p></div> ## Authenticating with client ID and client secret @@ -27,7 +27,7 @@ Another option for authenticating your API requests is using either your organiz <div class="admonition warning"> <p class="first admonition-title">WARNING</p> <p class="last">⨠Warning: For server-side use only -You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See Security best practices for additional considerations in keeping access to your app and its data secure. +You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See [Security Best Practices](../security-and-auth/securing-your-app.html) for additional considerations in keeping access to your app and its data secure. </p></div> This can be a convenient way to authenticate API requests, since there is no need to generate and manage an access token, but please note that you should be very cautious when implementing this type of authentication. Organization-level authentication grants full permission to perform any supported call against your organization and every application in it, and application-level authentication grants full permission to perform any supported call against all of the resources in an application. Should your client id and client secret be compromised, a malicious user would gain broad access to your organization or application. http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/security-and-auth/authenticating-users-and-application-clients.md ---------------------------------------------------------------------- diff --git a/docs/security-and-auth/authenticating-users-and-application-clients.md b/docs/security-and-auth/authenticating-users-and-application-clients.md index eaa52f4..e1ada48 100644 --- a/docs/security-and-auth/authenticating-users-and-application-clients.md +++ b/docs/security-and-auth/authenticating-users-and-application-clients.md @@ -49,7 +49,7 @@ The results include the access token needed to make subsequent API requests on b Using your appâs client id and client secret values, your app can connect to the Usergrid application endpoint to request an access token. The client ID and secret for your app can be found in 'Getting Started' section of the API Services admin portal, under 'Server App Credentials'. <div class="admonition warning"> <p class="first admonition-title">WARNING</p> <p class="last">⨠-Warning: You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See "safe mobile access" in [Authenticating API requests](authenticating-api-requests.html) for additional considerations in keeping access to your app and its data secure. +Warning: You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See [Security Best Practices](../security-and-auth/securing-your-app.html) for additional considerations in keeping access to your app and its data secure. </p></div> ### Request syntax @@ -76,7 +76,7 @@ The results include the access token needed to make subsequent API requests on b If you do require admin user access, your app can connect to the Usergrid management endpoint to request an access token. Your app supplies the username and password of an admin user in the request. <div class="admonition warning"> <p class="first admonition-title">WARNING</p> <p class="last">⨠-Warning: Authenticating as an admin user grants full access to one or more organizations and all of the applications contained in those organizations. Due to this, be cautious when implementing this type of authentication in client-side code. Instead, consider implementing admin user access in server-side code only. See "safe mobile access" in [Authenticating API requests](authenticating-api-requests.html) for additional considerations in keeping access to your app and its data secure. +Warning: Authenticating as an admin user grants full access to one or more organizations and all of the applications contained in those organizations. Due to this, be cautious when implementing this type of authentication in client-side code. Instead, consider implementing admin user access in server-side code only. See [Security Best Practices](../security-and-auth/securing-your-app.html) for additional considerations in keeping access to your app and its data secure. </p></div> ### Request syntax @@ -103,7 +103,7 @@ The results include the access token needed to make subsequent API requests on b If you do require organization level access, your app can connect to the Usergrid management endpoint to request an access token. Access to an organization requires the client id and client secret credentials. The client ID and secret for your organization can be found on the 'Org Administration' page of the API Services admin console under 'Organization API Credentials'. <div class="admonition warning"> <p class="first admonition-title">WARNING</p> <p class="last">⨠-Warning: You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See "safe mobile access" in [Authenticating API requests](authenticating-api-requests.html for additional considerations in keeping access to your app and its data secure. +Warning: You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See [Security Best Practices](../security-and-auth/securing-your-app.html) for additional considerations in keeping access to your app and its data secure. </p></div> ### Request syntax http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/security-and-auth/facebook-sign.md ---------------------------------------------------------------------- diff --git a/docs/security-and-auth/facebook-sign.md b/docs/security-and-auth/facebook-sign.md index e2c7411..970cb33 100644 --- a/docs/security-and-auth/facebook-sign.md +++ b/docs/security-and-auth/facebook-sign.md @@ -21,7 +21,7 @@ where: ## Facebook login example The Facebook technical guides for login present detailed information on how to add Facebook login to your app. Instructions are provided for JavaScript, iOS, and Android. -In brief, here are the steps for JavaScript. You can see these steps implemented in the Facebook login example packaged with the JavaScript SDK for Usergrid (which you can download in ZIP format or tar.gz format). The Facebook login example is in the /examples/facebook directory of the extracted download. The code example snippets shown below are taken from the Facebook login example. +In brief, here are the steps for JavaScript. You can see these steps implemented in the Facebook login example packaged with the JavaScript SDK for Usergrid (which you can download in ZIP format or tar.gz format). The Facebook login example is in the ``/examples/facebook`` directory of the extracted download. The code example snippets shown below are taken from the Facebook login example. ### Step 1: Create a Facebook app Create a new app on the Facebook App Dashboard. Enter your app's basic information. Once created, note the app ID shown at the top of the dashboard page. http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/security-and-auth/user-authentication-types.md ---------------------------------------------------------------------- diff --git a/docs/security-and-auth/user-authentication-types.md b/docs/security-and-auth/user-authentication-types.md index 1a14f50..d02e8d3 100644 --- a/docs/security-and-auth/user-authentication-types.md +++ b/docs/security-and-auth/user-authentication-types.md @@ -5,7 +5,7 @@ Usergrid supports four levels of authentication, but only one of them is used wh ## Configuring authentication levels Access permissions can only be configured for the 'application user' â this can be done both programmatically and in the admin portal. The application, organization and admin clients cannot be configured, and can only be accessed programmatically via the API. -For more about creating and managing roles and permissions for application users, see Managing access by defining permission rules. For a look at how security features fit together, see App Security Overview. +For more about creating and managing roles and permissions for application users, see [Using Permissions](security-and-auth/using-permissions.html) and [Using Roles](security-and-auth/using-roles.html). For a look at how security features fit together, see [App Security Overview](../security-and-auth/app-security.html). ## User authentication level @@ -16,14 +16,14 @@ For more about creating and managing roles and permissions for application users </tr> <tr> <td>Application user</td> - <td>This is the standard authentication type you will use to implement user login for your app. The application user level allows access to your Usergrid application as governed by the permission rules you create and associated with users and user groups. For more on setting permissions see Managing access by defining permission rules. Each Application User is represented by a User entity in your Usergrid application. For more about the User entity, see User.</td> + <td>This is the standard authentication type you will use to implement user login for your app. The application user level allows access to your Usergrid application as governed by the permission rules you create and associated with users and user groups. For more on setting permissions see [Using Permissions](security-and-auth/using-permissions.html). Each Application User is represented by a User entity in your Usergrid application. For more about the User entity, see User.</td> </tr> </table> ## Admin authentication levels <div class="admonition warning"> <p class="first admonition-title">WARNING</p> <p class="last">⨠-Warning: Safe use of admin authentication levels. Never use client ID and client secret, or any hard-coded credentials to authenticate this way from a client-side app, such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. Even when authenticating with username and password, be cautious when using these authentication levels since they grant broad access to your Usergrid account. See "safe mobile access" in Authenticating API requests for additional considerations in keeping access to your app and its data secure.</p></div> +Warning: Safe use of admin authentication levels. Never use client ID and client secret, or any hard-coded credentials to authenticate this way from a client-side app, such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. Even when authenticating with username and password, be cautious when using these authentication levels since they grant broad access to your Usergrid account. See [Security Best Practices](../security-and-auth/securing-your-app.html) for additional considerations in keeping access to your app and its data secure.</p></div> <table class="usergrid-table"> <tr> http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/security-and-auth/using-permissions.md ---------------------------------------------------------------------- diff --git a/docs/security-and-auth/using-permissions.md b/docs/security-and-auth/using-permissions.md index 600e09a..1454d11 100644 --- a/docs/security-and-auth/using-permissions.md +++ b/docs/security-and-auth/using-permissions.md @@ -33,7 +33,7 @@ Complex paths can be defined using [Apache Ant pattern syntax](http://ant.apache </table> ## Assigning permissions -Permissions can only be assigned to user, group or role entities. Assigning permissions to roles can be particularly useful, as it allows you to create sets of permissions that represent complex access definitions, which can then be assigned to user and group entities. For more on roles, see Using roles. +Permissions can only be assigned to user, group or role entities. Assigning permissions to roles can be particularly useful, as it allows you to create sets of permissions that represent complex access definitions, which can then be assigned to user and group entities. For more on roles, see [Using Roles](security-and-auth/using-roles.html). ### Request syntax http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/security-and-auth/using-roles.md ---------------------------------------------------------------------- diff --git a/docs/security-and-auth/using-roles.md b/docs/security-and-auth/using-roles.md index 6404edb..2a794e3 100644 --- a/docs/security-and-auth/using-roles.md +++ b/docs/security-and-auth/using-roles.md @@ -67,7 +67,7 @@ Generally, it is easiest to a create a role for each access type you want to ena The following shows how to create a new role and assign permissions to it. ### Request syntax -With cURL requests a role entity is created with a POST request, then permissions must be assigned to it with a separate request. For more on assigning permissions with cURL, see Using permissions. +With cURL requests a role entity is created with a POST request, then permissions must be assigned to it with a separate request. For more on assigning permissions with cURL, see [Using Permissions](security-and-auth/using-permissions.html). The following details how to create a new role entity. http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/16306f42/docs/user-management/activity.md ---------------------------------------------------------------------- diff --git a/docs/user-management/activity.md b/docs/user-management/activity.md index f477be8..4f09c8b 100644 --- a/docs/user-management/activity.md +++ b/docs/user-management/activity.md @@ -16,13 +16,13 @@ information about these actions). When a user creates an activity, it creates a relationship between the activity and the user who created it. Because this relationship exists, the activity will appear in the feed of any of the userâs followers. -Think of the Activities endpoint (/users/{uuid|username}/activities) as +Think of the Activities endpoint (``/users/{uuid|username}/activities``) as an "outbox" of news items created by the user. Think of the Feed -endpoint (/users/{uuid|username}/feed) as an "inbox" of news items meant +endpoint (``/users/{uuid|username}/feed``) as an "inbox" of news items meant to be seen or consumed by the user. A user can also post an activity to a group (located at -/groups/{uuid|groupname}/activities). This allows you to emulate +``/groups/{uuid|groupname}/activities``). This allows you to emulate Facebook-style group functionality, where a limited number of users can share content on a common "wall". In any of these cases, there is no need to construct publish/subscribe relationships manually. @@ -36,10 +36,9 @@ to the user's activity stream for display as well as to the activity streams of any of the user's followers. Using Usergrid APIs you can create, retrieve, update, and delete -activity entities. See You do not have access to view this node for -descriptions of these APIs. +activity entities. -**Note:** Although not shown in the API examples below, you need to +__Note:__ Although not shown in the API examples below, you need to provide a valid access token with each API call. See [Authenticating users and application clients](../security-and-auth/authenticating-users-and-application-clients.html) for details.
