Overview of Key Entity Concepts
Entities are the basic building blocks for the metadata management of the control plane. Entities come with auto-generated REST APIs (could be used to provide public APIs for control plane users), real time lifecycle events needed for control plane/data plane integration.
Nile has built-in entities for common SaaS data models like users, organizations and access policies. In addition you can and should create custom entities for your application data models. Nile uses JSON Schema for built-in SaaS entities and custom entity definitions.
Every entity has several fields which are managed by Nile and are read-only for developers and users:
|id||string / uuid||Unique identifier for the entity instance in Nile.|
|type||string / enum||Type of the entity. For example, this field will contain "user" or "organization" for instances of built-in entities and the entity name for instances of custom entities|
|created||date time, iso 8601 formatted string||Time the instance was created|
|updated||date time, iso 8601 formatted string||Time the instance was last updated|
|seq||int64||Incrementing counter, increases with each update to the entity instance.|
Access Control Model
A Nile Developer has access to all data in workspaces they're a member of, including their users' data. As a developer, you can also create access policies that affect users in different organizations in your workspace.
A user that signs-up to a Nile-based control plane and creates a new organization is considered an organization admin. Organization admins can also create, delete and modify access policies for the organization.
If no access policies exist for an organization, users that belong to that organization can see all data in that organization - all entity instances, custom or built-in.