Ownership and Sharing
Identity and Ownership
Every resource in Processing Framework — Operations, Procedures, Engines, and Deployments — is owned by the identity that created it. Ownership is expressed using two identifiers sourced from Trimble Identity (TID):
account_id— The TID account identifier. An account typically represents an organization or team. Multiple clients can exist under a single account.client_id— The TID subject identifier for a specific client within an account. This is the identity of the application or user that authenticated with TID.
Both values are present in the JWT issued by TID when authenticating with the Processing Framework API. The account_id
and client_id together uniquely identify the owner of a resource.
Sharing
Operations and Procedures created by a user are private by default. They can be selectively shared with other
identities using the shared_with list. Each entry in shared_with is an object with the following fields:
| Field | Required | Description |
|---|---|---|
account_id | Yes | The TID account identifier to share with. |
client_id | No | The TID subject identifier (client ID) to share with. |
The behavior depends on which fields are provided:
account_idonly — Grants access to all clients within that account. Any client authenticating under that account will be able to use the resource.account_id+client_id— Grants access to that specific client only. Other clients under the same account will not have access.
Only the original owner of an Operation or Procedure can modify it. A user who has had a resource shared with them can use it (e.g., reference an Operation in a Procedure, or execute a Procedure), or clone it to create their own independently-owned copy.
Publishing
Publishing makes a resource available to every user in the system — present and future. It is equivalent to sharing with all users simultaneously and is irreversible. The same rules regarding modification and cloning apply to published resources as to shared ones.