Internal IdP
This page describes how to manage user and user groups using Traefik Hub as IdP.
Introduction¶
User and user group management is an important aspect of API Management that involves the creation, modification, and deletion of user accounts and groups in order to manage access and permissions to APIs, API Gateways and API Portals.
User and user groups are created through the Hub UI and can be referenced in the CRDs.
User¶
Every consumer in Traefik Hub has a user account. The user account identifies the user, and the user account settings determine which APIs and API Portal the user can access.
In Traefik Hub, every user needs to be part of a user group.
It is not possible to assign an individual user to an API, however you can assign a user to a group as the only member.
When a user is a member of multiple groups, the user will inherit the permission level of the group with the most access.
Check the tutorial about user management.
Each user account must contain the following:
- User's First Name
- User's Last Name
- Email Address
- Company
- Group(s)
User Groups¶
Groups are a means of categorizing users. This allows for granting permissions to a specific group, for example to API collections.
A user may belong to any number of groups and automatically has all the permissions granted to that group.
In Traefik Hub, every user needs to be part of a user group.
Check the tutorial about user management.
What's next¶
- Learn how-to add user
- Learn more about managing API Portal permissions