Publisher-controlled authorization
As the publisher of an event, you have several methods to control who can receive your events:
-
Public vs. Private
- Every product on the Cloud Console has this configuration, including event products/topics.
- A private product is only viewable to the team that created that product, unless the product is explicitly shared out to another team or user.
- A public product is viewable to any team that is not otherwise prohibited from seeing it.
- Note that this is a view configuration, not a use configuration. Though, if a Cloud Console user is not able to view a product, then they have not way to subscribe to it either.
-
Internal vs. External
- Every product on the Cloud Console has this configuration, including event products/topics.
- Internal products are only viewable by teams internal to Trimble (belonging to a Trimble owned account).
- External products can be viewed by any internal or external team, unless prohibited by another authorization policy.
-
Auto subscription approval vs. manual subscription approval.
- Every product on the Cloud Console has this configuration, including event products/topics.
- Auto subscription products automatically enable all subscription requests.
- Manual subscription products require the owner of the product to manually approve every subscription request to your event topic.
-
Trimble Access Management policies
-
Event publishers are able to control which specific messages in your topic are made available to certain subscribers.
-
Publishers define policies using the Trimble Access Management framework.
-
These policies, written in the Open Policy Access format, allow integrators to call on data mappings within Profiles to define whether or not a specific consuming application should have access to a specific message.
-
For example:
- If the subscribing application belongs to the organization that owns the resource identified in the Source field of an event message payload, then pass the event to them. Otherwise filter it out.
-