Skip to content

Ownership and Sharing

Identity and Ownership

Every resource in Processing Framework — Operations, Procedures, Engines, and Deployments — is owned by the identity that created it. Ownership is expressed using two identifiers sourced from Trimble Identity (TID):

  • account_id — The TID account identifier. An account typically represents an organization or team. Multiple clients can exist under a single account.
  • client_id — The TID subject identifier for a specific client within an account. This is the identity of the application or user that authenticated with TID.

Both values are present in the JWT issued by TID when authenticating with the Processing Framework API. The account_id and client_id together uniquely identify the owner of a resource.

Sharing

Operations and Procedures created by a user are private by default. They can be selectively shared with other identities using the shared_with list. Each entry in shared_with is an object with the following fields:

FieldRequiredDescription
account_idYesThe TID account identifier to share with.
client_idNoThe TID subject identifier (client ID) to share with.

The behavior depends on which fields are provided:

  • account_id only — Grants access to all clients within that account. Any client authenticating under that account will be able to use the resource.
  • account_id + client_id — Grants access to that specific client only. Other clients under the same account will not have access.

Only the original owner of an Operation or Procedure can modify it. A user who has had a resource shared with them can use it (e.g., reference an Operation in a Procedure, or execute a Procedure), or clone it to create their own independently-owned copy.

Publishing

Publishing makes a resource available to every user in the system — present and future. It is equivalent to sharing with all users simultaneously and is irreversible. The same rules regarding modification and cloning apply to published resources as to shared ones.