
Origin

This is Jim Wilson's idea on multi-tenant support in Score.

Terminology notes

  • It is debatable whether “multi-tenant” is appropriate to describe what we want to accomplish here.

  • “role” is used as a critical feature of authorization. Perhaps “group” would be more appropriate, or at least natural, but “role” is what Auth0 provides out-of-the-box, so we’ll go with it.

  • “access BIEs” refers to creating, editing, viewing, and expressing BIEs (anything done with BIEs).

Background

OAGi needs:

  1. to enable multiple sets of users to use one Score instance

  2. to be able to limit access to BIEs created by one set of users to members of that set, and other select sets as appropriate

Key points informing the design

  1. Keep the implementation simple until such time that simple won’t work.

  2. The following BIE-development roles/purposes must be supported

    1. OAGi develops BIEs for the public (e.g., SME Express Pack)

    2. OAGi develops BIEs for members only (none yet)

    3. Companies develop BIEs for their company only

    4. Companies develop BIEs for their industry (e.g., MilliporeSigma for the Biopharma industry)

    5. Industry associations or consortiums develop BIEs for their industry (e.g., AgGateway)

  3. Except in case 2.c, there is little or no risk of a company’s confidential information being publicly disclosed.

  4. In case 2.c, for a company whose BIE design or documentation is highly sensitive, OAGi should advise it to use an on-prem instance.

  5. Each BIE must be “in” a business context.

Design

Identity Provider

OAGi has an Auth0 account and has been using it for #E authentication and authorization. The following screen captures illustrate how it can be configured to support multi-tenant Score.

Multi-tenant Score design

In this section, “Score” refers to multi-tenant Score instances.

  1. This design affects only BIE access; it does not apply to CC access.

  2. Score will use Auth0 for authentication and authorization.

    1. Out of the box, Auth0 supports

      1. Managing users

      2. Managing roles

      3. Managing user-role relationships

  3. Only administrators may manage business contexts in Score.

  4. Each business context may have zero-to-many roles associated with it (managed only by administrators). See Figure 3.

    1. There are many ways to design the UI to show roles associated with a business context and to add/delete them. Figure 3 is just one example.

    2. The built-in roles (end user, developer, admin) will be represented in Auth0 as the Score_End_User, Score_Developer, and Score_Admin roles.

    3. Tenant role names in Auth0 will begin with Score_Tenant_ followed by a short name. E.g., Score_Tenant_AgGateway.

  5. A user may only access BIEs associated with business contexts that are associated with one of the user’s roles.

Logical process for determining what BIEs to show in the BIE list

See https://oagiscore.net/profile_bie.

  • For each BIE

    • For each of the BIE’s business contexts

      • For each of the business context’s roles

        • Is the user in that role?

          • Yes: Show the BIE in the list (no further roles or business contexts need to be checked for this BIE).

          • No: Check the next role; if no role of any of the BIE’s business contexts matches, don’t show the BIE in the list.

Concrete example

Roles

  1. Admin

  2. Developer

  3. End User

  4. AgGateway (tenant)

  5. ACME Brick (tenant)

  6. HR Open Standards (tenant)

Business Contexts

  1. Human Resources

  2. Agriculture

  3. Construction

  4. Entertainment

Users

  1. Bob

  2. Mary

  3. Amy

  4. Roy

  5. Matt

  6. Tess

  7. Ross

BIEs - Business Contexts

Columns (Business Context→): Human Resources | Agriculture | Construction | Entertainment | Notes

Rows (BIE↓):

  • ProcessPurchaseOrder (instance #1): (tick)

  • ProcessPurchaseOrder (instance #2): (tick)

  • NotifyShipment (instance #1): (tick) (tick)

  • NotifyWIPStatus (instance #1): (tick)

  • NotifyWIPStatus (instance #2): (tick)

Users - Roles

Columns (Role→): HR Open Standards | ACME Brick | AgGateway | End User | Developer | Admin | Notes

Rows (User↓):

  • Bob: (tick)

  • Mary: (tick)

  • Amy: (tick)

  • Roy: (tick) (tick)

  • Matt: (tick)

  • Tess: (tick)

  • Ross: (tick) (tick) (tick)

Business Contexts - Roles

Columns (Role→): HR Open Standards | ACME Brick | AgGateway | End User | Developer | Admin | Notes

Rows (Business Context↓):

  • Human Resources: (tick)

  • Agriculture: (tick)

  • Construction: (tick)

  • Entertainment: (no roles)

BIE Visibility to Users

This table would be computed based on the values in the tables above.

Columns (User→): Bob | Mary | Amy | Roy | Matt | Tess | Ross | Notes

Rows (BIE↓):

  • ProcessPurchaseOrder (instance #1): (tick) (tick) (tick)

  • ProcessPurchaseOrder (instance #2): (tick) (tick) (tick)

  • NotifyShipment (instance #1): (tick) (tick) (tick) (tick)

  • NotifyWIPStatus (instance #1): (tick) (tick) (tick)

  • NotifyWIPStatus (instance #2): (tick) (tick) (tick)

  • Mary can access all BIEs because she is in the Admin role. Administrators can see everything.

  • Matt can only access BIEs in a business context associated with the ACME Brick role.

  • Tess can only access BIEs in a business context associated with the AgGateway role.

  • Ross can only access BIEs in a business context associated with the ACME Brick role or the AgGateway role, which in this example turns out to be all of them.
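As an added worked example (not Score’s own code), the following Python recomputes the “BIE Visibility to Users” table from the three relations above using the logical process in the design. The page only states Mary’s, Matt’s, Tess’s and Ross’s roles, so the remaining role assignments and the business-context-to-role links are assumptions chosen to reproduce the tick counts; the check is written as one reusable function so the same rule can be enforced on view, edit and express, not only when building the list.

```python
from typing import Dict, Set

ADMIN_ROLE = "Admin"  # administrators see every BIE (concrete example above)

class BieAccessPolicy:
    """BIE visibility per the logical process: a user may access a BIE if one of
    the BIE's business contexts is linked to a role the user holds."""

    def __init__(self, bie_contexts: Dict[str, Set[str]],
                 context_roles: Dict[str, Set[str]],
                 user_roles: Dict[str, Set[str]]) -> None:
        self.bie_contexts = bie_contexts
        self.context_roles = context_roles
        self.user_roles = user_roles

    def can_access(self, user: str, bie: str) -> bool:
        """Run on every BIE operation (view, edit, express), not only when listing.
        Deny by default: unknown users/BIEs and contexts with no roles yield False."""
        roles = self.user_roles.get(user, set())
        if ADMIN_ROLE in roles:
            return True
        return any(self.context_roles.get(ctx, set()) & roles
                   for ctx in self.bie_contexts.get(bie, set()))

    def visible_bies(self, user: str) -> Set[str]:
        return {b for b in self.bie_contexts if self.can_access(user, b)}

    def visibility_table(self) -> Dict[str, Set[str]]:
        """Recompute the 'BIE Visibility to Users' table: BIE -> users who see it."""
        return {b: {u for u in self.user_roles if self.can_access(u, b)}
                for b in self.bie_contexts}

# Constructed data for the concrete example. The role facts the page states
# (Mary = Admin, Matt = ACME Brick, Tess = AgGateway, Ross = ACME Brick + AgGateway)
# are kept; the column of every other tick is an assumption chosen to match the counts.
CONTEXT_ROLES = {"Human Resources": {"HR Open Standards"}, "Agriculture": {"AgGateway"},
                 "Construction": {"ACME Brick"}, "Entertainment": set()}
BIE_CONTEXTS = {"ProcessPurchaseOrder (instance #1)": {"Construction"},
                "ProcessPurchaseOrder (instance #2)": {"Agriculture"},
                "NotifyShipment (instance #1)": {"Agriculture", "Construction"},
                "NotifyWIPStatus (instance #1)": {"Construction"},
                "NotifyWIPStatus (instance #2)": {"Agriculture"}}
USER_ROLES = {"Bob": {"End User"}, "Mary": {"Admin"}, "Amy": {"Developer"},
              "Roy": {"HR Open Standards", "End User"}, "Matt": {"ACME Brick"},
              "Tess": {"AgGateway"}, "Ross": {"ACME Brick", "AgGateway", "End User"}}
EXAMPLE = BieAccessPolicy(BIE_CONTEXTS, CONTEXT_ROLES, USER_ROLES)

if __name__ == "__main__":
    for bie, users in EXAMPLE.visibility_table().items():
        print(f"{bie}: {sorted(users)}")
```

A BIE whose only business context has no roles (Entertainment in the example) is visible to administrators alone, which is the deny-by-default behaviour a tenant boundary needs.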
