Managing users and access
Managing FlowAPI access with FlowAuth¶
Granting user permissions¶
FlowAuth is the tool which analysts will use to generate tokens which will allow them to communicate with a FlowKit server through FlowAPI. The following steps using the FlowAuth administration tool are required to add a user and allow them to generate access tokens:
Log into FlowAuth as an administrator.
Under "Servers", add a new server by clicking the '+' button, uploading the spec downloaded from the server, and setting the latest expiry and longest life for tokens.
Enable or disable permissions for this server under "Available API scopes".
Under "Users", add a new user, and set the username and password.
- Add a server to the user, and enable/disable API scopes
Under "Groups", add a new group,
Add a server to the group, and enable/disable API scopes
Add the user to the group.
The user can then log into FlowAuth and generate a token (see the analyst section for instructions).
Managing access to FlowDB¶
|Schema||Read access||Write access|
It is recommended that after creating a user with a temporary password that they connect using psql, and use the
\password command to set a new password.
You can manage FlowDB using psql from inside the docker container:
docker exec -it <container_name> psql -U flowdb