16 lines
825 B
Markdown
16 lines
825 B
Markdown
# General architecture
|
|
|
|
Each OpenCloud instance will provide an OpenId interface. This interface may be connected to an existing LDAP Server or a dedicated one.
|
|
|
|
# User rights definition
|
|
|
|
Each OpenCloud instance will manage it's users and their permissions :
|
|
* a user has permition to start a distributed workflow in using remote peers
|
|
* a user has administrative rights and may change the service exchenge rates
|
|
* a user is limited to view financial information on the instance
|
|
* a user belongs to a group (that may represent a project, a department,...)
|
|
|
|
# Authentication process
|
|
|
|
Each OpenCloud peer will accept a company as a whole.
|
|
Upon user connection, it will receive user rights form the origninating OpenId connect server and apply them. ex: specific pricing for a group (company agreement, project agreement, ...) |