Follow

Provisioning Accounts and Account Users

Introduction

Accounts and Account-level Users provide a way within Cloud Elements to organize a group of related Element Instances together. Conceptually, you can think of an account as a way to organize Element Instances for "Your Customer".

When you sign up for Cloud Elements, by default an Organization-level user is created, and a Default Account is created for you. All Elements provisioned by the Organization-level user associate to this Default Account.

The Organization-level user is the same as the User ID you signed up with, and is the only User ID you will see in your Administration -> Users screen until you provision other users into your environment:

Adding an Account

Let's say you have a customer, "Acme Publishing", and you wish to organize all Element Instances provisioned by your App, within this Account. Or perhaps, you wish to add additional developer logins to your Cloud Elements Organization, and allow them to login using their own credentials, and manage his or her own dev/testing Instances.

To accomplish these goals, you need to add an Account and an Account User, within your Cloud Elements Organization/Environment. Presently, the only way to do this is via the API. Here's how:

  1. Go to the Console Documentation, Platform -> Accounts:



  2. Expand the POST /accounts section:



  3. Prepare your Provisioning JSON. This example shows the needed fields:

    {
      "name": "Acme Publishing",
      "description": "Account for Acme Element Instances",
      "externalId": "ashton.johnson@mycompany.com"
    }
  4. externalId (in this example, ashton.johnson@mycompany.com) corresponds to the email address of the Account-level User you wish to associate to this Account.

  5. Paste the Account JSON into the Account text box:



  6. Scroll down and Click the "Try it out" button:



  7. A successful POST will show Response JSON similar to below:



  8. Make note of the id: 122294 for our Example. This is the Account ID of the new Account. You'll need it to provision a User that associates to this Account.

  9. Go to the POST /accounts/{accountId}/users section:




  10. Scroll to the User JSON Body section. First, paste the AccountID returned by your Account provisioning step above into the accountId field:



  11. Prepare your User Provisioning JSON (recommended simple version below):
    {
      "firstName": "Ashton",
      "lastName": "Johnson",
      "email": "ashton.johnson@mycompany.com",
    "password": "password" }


  12. And Paste it into the User field


  13. Scroll down and click "Try it out":



  14. A successful response will be shown in the JSON body:





  15. Important: Record/store the value of "secret" in the Response JSON! This is especially important if you are automating the provisioning workflow, and don't intend for the account-level user to be able to login. For security reasons the secret is not returned by a follow-up call to GET /users/{userId}.

  16. This user will then show up in the Administration -> Users section when logged in as the primary Organization User:



  17. The User Token returned from the POST JSON body response is sufficient to go ahead and make API calls, etc.
  18. If you wish for the user to be able to interactively login to the console, however, you'll need to initiate a password reset email. Logout from the Console:



  19. Click the "Reset Password" button:



  20. Enter the User ID of the new Account-level user into the User field, and click "Reset Password":




  21. The new User will receive their initial Password via email. It is a good idea for them to change it after their first login for security reasons.


  22. When the Account-level user logs in, you will notice that they do not have the "Administration" section of the console accessible to them (i.e. they have more limited permissions)



  23. You'll also note that the Account-level user cannot see the provisioned Element Instances of the Default Org-level user, or, other Account-level users:





  24. The Account-level user will only be able to see, use, and Administer Element Instances that he or she has provisioned.


  25. To create Account-level Instances via the API, Provision them using the User secret of the Account-level User:




  26. That's it in a nutshell! Look for updates to come!
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments