Users
A User account is based on a unique email address. Identification is made using a hashed password in database. This is not possible to register twice the same email address. Additionally, there is currently no way to share resource across User Accounts. :-( (it was the purpose of "permissions" attribute on Flows but the feature is deprecated).
Tagged on #feature, #resource,
Profile Role
By default t6 on Saas is implementing only the role free
which is having a quota limit on creating resources.
During user creation process the role is set (and hardcoded) to free and cannot be changed yet.
Resources | Quota for free users |
---|---|
objects | 5 |
flows | 2 |
rules | 1 |
tokens | 10 |
snippets | 2 |
dashboards | 1 |
uis | 2 |
categories | 20 |
stories | 999 |
api calls (1 week period window ) | 9999 |
User Authentication
There are multiple Authentication grant_types on t6:
- Auth using the user credentials (username and password)
password
; this is the default type when grant_type attribute is not POSTed on the payload. - Auth using a custom AccessToken
access_token
; by default AccessToken are 24 hours valid. AccessToken can be revoked. - And the last type is the
refresh_token
. This type expect the provided jwt to extend by a default duration.
The autentication process is generating a JWT valid for a short time : 5 minutes.
Attached to this Jwt, a refresh_token
is returned on the Auth payload and remain valid for 24 hours.