Skip to content

Commit

Permalink
Account Linking
Browse files Browse the repository at this point in the history 
Signed-off-by: Lee Calcote <[email protected]>
  • Loading branch information
@leecalcote
leecalcote committed Jun 5, 2024
1 parent 2ed92fd commit 82937a5
Show file tree
Hide file tree
Showing 3 changed files with 43 additions and 22 deletions.
33 changes: 18 additions & 15 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
# Layer5 Product Documentation

Explore tutorials and documentation by product in the docs.layer5.io website; documentation and developer resources of Layer5 products.

## Contributions Welcome!
## Contributions Welcome

If you find a typo or you feel like you can improve the HTML, CSS, or JavaScript, we welcome contributions. Feel free to open issues or pull requests like any normal GitHub project, and we'll merge it in 🚀

Expand All @@ -11,21 +12,21 @@ The website can be run locally through Golang (Hugo) or Docker. If you choose to

### With Docker

Running the site locally is simple. Provided you have Docker installed, clone this repo, run `make docker`, and then visit http://localhost:1313.
Running the site locally is simple. Provided you have Docker installed, clone this repo, run `make docker`, and then visit <http://localhost:1313>.

> [!IMPORTANT]
> This requires Docker Desktop version **4.24** or later, or Docker Engine with Docker
> Compose version [**2.22**](https://docs.docker.com/compose/file-watch/) or later.
### With Golang

If your local development environment has a supported version (v1.21.0+) of Golang installed, next you'll need to install extended hugo version as it has necessary SCSS/SASS support. Find all the hugo packages here: https://github.com/gohugoio/hugo/releases/tag/v0.120.4
If your local development environment has a supported version (v1.21.0+) of Golang installed, next you'll need to install extended hugo version as it has necessary SCSS/SASS support. Find all the hugo packages here: <https://github.com/gohugoio/hugo/releases/tag/v0.120.4>

Now to setup and run the site locally run:
Now to setup and run the site locally run:

`make setup` followed by `make site`

...and then visit http://localhost:1313.
...and then visit <http://localhost:1313>.

If you pull down new code from GitHub, you will occasionally need run `make setup` again. Otherwise, there's no need to re-run `make setup` each time the site is run, you can just run `make site` to get it going and have it automatically reload as you make and save site edits.

Expand All @@ -40,7 +41,7 @@ If you pull down new code from GitHub, you will occasionally need run `make setu
- **Personas:** Beginners, developers, admins, operators, security specialists, contributors, users of all experience levels.
- **Needs:** Varied - learning fundamentals, managing tasks, understanding advanced concepts, contributing code.

## Cloud Docs:
## Cloud Docs

### Getting Started

Expand Down Expand Up @@ -86,7 +87,7 @@ Keep your MeshMap designs internal to your workplace. Get remote support from La

Low-level ReST API reference for extending Layer5 Cloud.

## Meshmap Docs:
## Meshmap Docs

### Getting Started with Designs

Expand Down Expand Up @@ -138,6 +139,7 @@ title: 'My Title'
description: "A thorough, yet succinct description of the page's contents"
---
```

The significant keys in the YAML frontmatter are:

`title` (string) - This is the title of the page that will be set in the HTML title.
Expand All @@ -149,19 +151,21 @@ The significant keys in the YAML frontmatter are:
<div>&nbsp;</div>

### Uploading Images to the site
To display images in a pop-up modal, use the following syntax: `![alt text](/path/to/image.svg)`.

To display images in a pop-up modal, use the following syntax: `![alt text](/path/to/image.svg)`.

**Note-> For images to show correctly on subpages, always provide the complete image path**

### Adding Alert to the site

Use the following Syntax to add a Alert:
`{{< alert type="success" title="Note" >}} Your Note {{< /alert >}}`

- `type="danger"`: Alert used to indicate something related to security.
- `type="info"`: Alert used to write some information.
- `type="warning"`: Alert used to indicate a warning that might need attention.
- `type="note"`: Alert used to indicate a neutral information.
- `type="success"`: Alert used to indicate a positive information.
- `type="danger"`: Alert used to indicate something related to security.
- `type="info"`: Alert used to write some information.
- `type="warning"`: Alert used to indicate a warning that might need attention.
- `type="note"`: Alert used to indicate a neutral information.
- `type="success"`: Alert used to indicate a positive information.

By default, if you don't specify a title `title="Your Title"`, the title will be the same as the type name.

Expand All @@ -176,7 +180,7 @@ Our projects are community-built and welcome collaboration. 👍 Be sure to see
<a href ="https://layer5.io/community/meshmates"><img alt="MeshMates" src=".github/readme/images/layer5-community-sign.png" style="margin-right:10px; margin-bottom:15px;" width="28%" align="left"/></a>
<h3>Find your MeshMate</h3>

<p>MeshMates are experienced Layer5 community members, who will help you learn your way around, discover live projects and expand your community network.
<p>MeshMates are experienced Layer5 community members, who will help you learn your way around, discover live projects and expand your community network.
Become a <b>Meshtee</b> today!</p>

Find out more on the <a href="https://layer5.io/community">Layer5 community</a>. <br />
Expand All @@ -194,7 +198,6 @@ Find out more on the <a href="https://layer5.io/community">Layer5 community</a>.
</picture>
</a>


<a href="https://meshery.io/community"><img alt="Layer5 Community" src=".github/readme/images//community.svg" style="margin-right:8px;padding-top:5px;" width="140px" align="left" /></a>

<p>
Expand Down
22 changes: 15 additions & 7 deletions content/en/cloud/identity/users/_index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,33 +6,41 @@ categories: [Identity]
tags: [users]
---

### User Accounts
## User Accounts

Every person who uses Layer5 Cloud signs into a user account. Your user account is your identity on Layer5 Cloud and has a username and profile. For example, see Five's profile.
Anyone who uses Layer5 Cloud signs into a user account. Your user account is your identity on Layer5 Cloud and has a username and profile. For example, see Five's profile.

<!-- {{< alert type="warning" title="TODO" >}}Insert Five's user profile here.{{< /alert >}} -->

Your user account can own resources such as workspaces, designs, connections, credentials, tokens, Any time you take any action on Layer5 Cloud such as creating a design or reviewing a deployment request, the action is attributed to your user account.

Each user account is subscribed to a plan: Free, Team, or Enterprise. All user accounts can own an unlimited number of public and private workspaces, with an unlimited number of collaborators on those workspaces. If you use Layer5 Free, private workspaces owned by your user account have a limited feature set. You can upgrade to Layer5 Enterprise to get a full feature set for private workspaces.
Each user account is subscribed to a plan: Free, Team, or Enterprise. All user accounts can own an unlimited number of public and private workspaces, with an unlimited number of collaborators on those workspaces. If you use Layer5 Free, private workspaces owned by your user account have a limited feature set. You can upgrade to Layer5 Enterprise to get a full feature set for private workspaces.

{{< alert type="info" >}}
For more information, see [Layer5 subscription plans](https://layer5.io/pricing).
{{< /alert >}}

Teams allow you to organize users into groups and conveniently assign access to workspaces or to assign roles with associated keychains and keys to control permissions.
Teams allow you to organize users into groups and conveniently assign access to workspaces or to assign roles with associated keychains and keys to control permissions.

{{< alert type="info" >}}
You need to have the default `Team Admin` role to assign permissions to users in your team. For more information, see [Teams](/cloud/identity/teams).
{{< /alert >}}

Organizations may have any number of teams and teams may have any number of users. User accounts are treated as sovereign entities that are owned by individual individuals, not by corporations.


Organization and teams may have any number of users accounts. User accounts are treated as sovereign entities that are owned by individual individuals, not by corporations.

Users and their tokens may be authorized to access resources. Users can be created and managed by the Provider Admins, Organization Admins, or Team Admins. Users of one organization may be granted access to resources (e.g. Workspaces and Designs) of another organization. User entitlement, roles and permissions are org-scoped, meaning that the entitlements and permissions that a given user has in one organization does not necessarily reflect the same level of access that their membership in another oganziation does.

{{< alert type="info" >}}
Only Provider Admins and Organization Admin can create users. For more information, see [Roles](/cloud/security/roles/).
{{< /alert >}}
Only Provider Admins and Organization Admin can create users. For more information, see [Roles](/cloud/security/roles/).
{{< /alert >}}

## Account Linking

You can link your Layer5 account to social sign-in providers after sign up, as well as unlink social sign-in providers that you might have previously added. You can link your social sign-in accounts on login automatically using a secure flow. This is how it works:

1. You create an account with the email address `[email protected]` and a password.
2. When signing in later, click to sign in with a social sign-in provider (e.g. GitHub or Google) that contains the same email address `[email protected]`.
3. Since your same email address is aleady associated to an your existing account, registered already, you will be prompted to enter the password of your existing account.
4. After entering the correct password, your social sign-in is linked to your existing account. Now, you can sign in with either password or social sign-in provider.
10 changes: 10 additions & 0 deletions content/en/cloud/self-hosted/planning/identity-services.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,16 @@ categories: [Self-Hosted]
tags: [identity]
weight: 3
---
Layer5 Cloud offers a built-in identity provider (IDP), supporting OIDC for normal users and token-based authentication (access, ID, refresh tokens) for API clients with JSON Web Signature (JWS) for token signing. Layer5 Cloud users can sign-up via email and password in addition to social identity providers (Google and GitHub) via OAuth2. See [Getting Started with a Layer5 Account](../../getting-started/getting-started-with-layer5-account.md) for details.

Layer5 Cloud identity services include features such as account recovery, email verification, automatica social sign-in account linking, and multi-factor authentication (coming soon).

{{< alert type="info" >}}
For more information, see [User Account Linking](/cloud/identity/users).
{{< /alert >}}

Layer5 Cloud is also working toward being the IDP for Layer5 by supporting OIDC. It will leverage social authentication with Google, GitHub, Twitter, and LinkedIn based on OIDC to authenticate normal users. After authentication, Layer5 Cloud will be able to generate the access token, ID token, and refresh token for normal users. Applications, on the other hand, will use client credential OAUTH2 to get an access token.

The following diagram illustrates the architecture of Layer5 Cloud.

![self-hosted-deployment](../images/self-hosted-deployment.svg "image-center-no-shadow")

0 comments on commit 82937a5

Please sign in to comment.