work in progress
Description
Account service offers operations to manage a CollectionSpace account. To securely access the CollectionSpace services, an account for a user is required in the system. An account is associated with an identity. The identity could either reside in [collectionspace:CollectionSpace Identity Provider (CSIP)] which is the default identity provider or a foreign identity provider such as CalNet or an OpenID provider.
In release 0.4 only CSIP is supported
Key Concepts
Relationships
Following describes the relationship between an Account, a Person and a User in the [default identity provider].
Unknown macro: {gliffy}
An account is associated with at least one Person in CollectionSpace. An account might have a user identity in the default identity provider.
Assumptions
- In a multi-tenant SaaS deployment of CollectionSpace, it is assumed that account service is consumed by users with privileges to manage accounts for a tenant.
- Tenant context (id) is never available to the account service consumer nor is required to be provided by the consumer.
Assumptions for managing account with identity managed by [CollectionSpace Identity Provider]
Unknown macro: {multi-excerpt-include}
Issues
Unknown macro: {multi-excerpt-include}
- The Person Service is the System of Record (SOR), or authoritative data source, for personIds.
- The SOR for systemIds is TBD.
References
- [collectionspace:Authentication Service Description and Assumptions]
- [collectionspace:CollectionSpace Identity Provider (CSIP)]
- [Design notes for multi-tenancy in CollectionSpace]