http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/ec2b3e4f/website/publish/docs/app-security/index.html ---------------------------------------------------------------------- diff --git a/website/publish/docs/app-security/index.html b/website/publish/docs/app-security/index.html deleted file mode 100644 index ba75d69..0000000 --- a/website/publish/docs/app-security/index.html +++ /dev/null @@ -1,281 +0,0 @@ - - - - - - Apache Usergrid (incubating) — App security - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
- - -
-
- -
- -
-

App security

-

Any app you put into production should feature security that protects your app, your users, and your app’s data. Implementing security means taking steps in your mobile app’s code and in your Apache Usergrid application.

-
-

Important: When you register for Apache Usergrid, you get a sandbox application that you can use to try things out. This application is not for use in production. By default, the sandbox application is not protected by any security measures whatsoever. Use the sandbox only for experimentation, and only with data that isn’t in any way sensitive.

-
-

When securing your app, follow these high-level steps:

-
    -
  1. Define the rules that will govern access by your app’s users to your app’s data and features. You do this with the admin portal by creating permission rules, then associating those rules with your users. For more information, see Managing access by defining permission rules.
  2. -
  3. Write code through which your app’s users can verify who they are to your Apache Usergrid application. You do this by writing code that uses their username and password as credentials to initially authenticate with the Apache Usergrid application, then uses a token thereafter. (This authentication style supports the OAuth 2.0 model.) For more information, see Authenticating users and application clients.
  4. -
  5. Be sure to use coding best practices that help ensure that your app is protected from malicious attacks. For more information, see Securing your app.
  6. -
-

The following illustration describes these high-level areas.

-
- -
-
-
-
-
-
-
-
- Questions? Please do ask on the mailing-lists!
- -
-
-
-
- - - - - - - - - - - - http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/ec2b3e4f/website/publish/docs/application/index.html ---------------------------------------------------------------------- diff --git a/website/publish/docs/application/index.html b/website/publish/docs/application/index.html deleted file mode 100644 index b42eb94..0000000 --- a/website/publish/docs/application/index.html +++ /dev/null @@ -1,459 +0,0 @@ - - - - - - Apache Usergrid (incubating) — Application - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
- - -
-
- - -

Application

-

You can create a new application in an organization through the Admin portal. The Admin portal creates the new application by issuing a post against the management endpoint (see the “Creating an organization application” section in Organization for details). If you need to create an application programmatically in your app, you can also use the API to do this. You can access application entities using your app name or UUID, prefixed with the organization name or UUID:

-

https://api.usergrid.com/{org_name|uuid}/{app_name|uuid}

-

Most mobile apps never access the application entity directly. For example you might have a server-side web app that accesses the application entity for configuration purposes. If you want to access your application entity programmatically, you can use the API.

-

Application properties

-

The following are the system-defined properties for application entities. You can create application-specific properties for an application entity in addition to the system-defined properties. The system-defined properties are reserved. You cannot use these names to create other properties for an application entity. In addition the applications name is reserved for the applications collection — you can’t use it to name another collection.

-

The look-up properties for the entities of type application are uuid and name, that is, you can use the uuid and name properties to reference an application entity in an API call. However, you can search on a role using any property of the application entity. See Queries and parameters for details on searching.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PropertyTypeDescription
uuidUUIDApplication’s unique entity ID
typestring“application”
createdlong -UNIX timestamp of entity creation
modifiedlong -UNIX timestamp of entity modification
namestringApplication name (mandatory)
titlestringApplication title
descriptionstringApplication description
activatedbooleanWhether application is activated
disabledbooleanWhether application is administratively disabled
allowOpenRegistrationbooleanWhether application allows any user to register
registrationRequiresEmailConfirmationbooleanWhether registration requires email confirmation
registrationRequiresAdminApprovalbooleanWhether registration requires admin approval
accesstokenttllongTime to live value for an access token obtained within the application
-

Set properties

-

The set properties for applications are listed in the table below.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SetTypeDescription
collectionsstringSet of collections
rolenamesstringSet of roles assigned to an application
countersstringSet of counters assigned to an application
oauthprovidersstringSet of OAuth providers for the application
credentialsstringSet of credentials required to run the application
-

Collections

-

The collections for applications are listed in the table below.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CollectionTypeDescription
usersuserCollection of users
groupsgroupCollection of groups
foldersfolderCollection of assets that represent folder-like objects
eventseventCollection of events posted by the application
assetsassetCollection of assets that represent file-like objects
activitiesactivityCollection of activity stream actions
devicesdeviceCollection of devices in the service
notifiersnotifierCollection of notifiers used for push notifications
notificationsnotificationCollection of push notifications that have been sent or are scheduled to be sent
receiptsreceiptCollection of receipts from push notifications that were sent
-

 

-
-
-
-
-
-
-
- Questions? Please do ask on the mailing-lists!
- -
-
-
-
- - - - - - - - - - - - http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/ec2b3e4f/website/publish/docs/applications/index.html ---------------------------------------------------------------------- diff --git a/website/publish/docs/applications/index.html b/website/publish/docs/applications/index.html deleted file mode 100644 index 914932b..0000000 --- a/website/publish/docs/applications/index.html +++ /dev/null @@ -1,458 +0,0 @@ - - - - - - Apache Usergrid (incubating) — Applications - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
- - -
-
- - -

Applications

-

You can create a new application in an organization through the Admin portal. The Admin portal creates the new application by issuing a post against the management endpoint (see the “Creating an organization application” section in Organization for details). If you need to create an application programmatically in your app, you can also use the API to do this. You can access application entities using your app name or UUID, prefixed with the organization name or UUID:

-

https://api.usergrid.com/{org_name|uuid}/{app_name|uuid}

-

Most mobile apps never access the application entity directly. For example you might have a server-side web app that accesses the application entity for configuration purposes. If you want to access your application entity programmatically, you can use the API.

-

Application properties

-

The following are the system-defined properties for application entities. You can create application-specific properties for an application entity in addition to the system-defined properties. The system-defined properties are reserved. You cannot use these names to create other properties for an application entity. In addition the applications name is reserved for the applications collection — you can’t use it to name another collection.

-

The look-up properties for the entities of type application are uuid and name, that is, you can use the uuid and name properties to reference an application entity in an API call. However, you can search on a role using any property of the application entity. See Queries and parameters for details on searching.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PropertyTypeDescription
uuidUUIDApplication’s unique entity ID
typestring“application”
createdlong -UNIX timestamp of entity creation
modifiedlong -UNIX timestamp of entity modification
namestringApplication name (mandatory)
titlestringApplication title
descriptionstringApplication description
activatedbooleanWhether application is activated
disabledbooleanWhether application is administratively disabled
allowOpenRegistrationbooleanWhether application allows any user to register
registrationRequiresEmailConfirmationbooleanWhether registration requires email confirmation
registrationRequiresAdminApprovalbooleanWhether registration requires admin approval
accesstokenttllongTime to live value for an access token obtained within the application
-

Set properties

-

The set properties for applications are listed in the table below.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SetTypeDescription
collectionsstringSet of collections
rolenamesstringSet of roles assigned to an application
countersstringSet of counters assigned to an application
oauthprovidersstringSet of OAuth providers for the application
credentialsstringSet of credentials required to run the application
-

Collections

-

The collections for applications are listed in the table below.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CollectionTypeDescription
usersuserCollection of users
groupsgroupCollection of groups
foldersfolderCollection of assets that represent folder-like objects
eventseventCollection of events posted by the application
assetsassetCollection of assets that represent file-like objects
activitiesactivityCollection of activity stream actions
devicesdeviceCollection of devices in the service
notifiersnotifierCollection of notifiers used for push notifications
notificationsnotificationCollection of push notifications that have been sent or are scheduled to be sent
receiptsreceiptCollection of receipts from push notifications that were sent
-
-
-
-
-
-
-
- Questions? Please do ask on the mailing-lists!
- -
-
-
-
- - - - - - - - - - - -