Organization Service
The organization service manages organizations, environments and teams and serves as fundamental level of access management.
Across all NativeWaves services and APIs, access is managed using a hierarchical resource membership and role system. This system enables granular authorization structures and flexible access control. Here's how it works:
- Users can be members of organizations and hold specific roles within those organizations. For example, a user can be a member of an organization with the role of "Admin". When the user accesses a child resource, such as an environment, the NativeWaves platform recognizes their admin access to the parent resource (organization). As a result, the user is granted relevant privileges and permissions for the child resource.
- In addition, users can also be members of specific environments without direct membership in the parent organization. If a user, who is solely a member of an environment, attempts to access organization-related information, such as listing available organizations in the console, the NativeWaves platform understands the user's active membership to the child resource. It grants limited privileges to allow the user to perform the specific task, such as listing the organization.
For more in-depth information regarding the REST API of this service, we encourage you to check the Swagger API documentation. This comprehensive page outlines the various endpoints, parameters, and responses of the API.
A user account is always associated with you individually and is not governed by any organization. You have the option to be a member of multiple organizations, either by creating them yourself or by receiving invitations to join existing ones.
Organizations serve as the fundamental level of access management, with all resources belonging to a particular organization.
Billing information and resource usage are calculated based on the organization as a whole, rather than on an individual user basis. The user who initially creates an organization assumes the role of the organization owner. As the owner, they possess the most extensive privileges, including the ability to delete the organization. Once the organization is created, it is possible to add other members to the organization.
Environments serve as the primary means of managing resources in different contexts that are independent of organization management, such as teams, members, and related organization settings.
The main purpose of environments is to group resources and provide a convenient approach to configuring environments for different contexts, such as a production environment and test or development environments tailored to your specific infrastructure needs.
Teams allow you to manage access rights to certain resources in a grouped manner. When granting member access to a resource, teams can be included alongside individual users. This ensures that every team member receives the same membership status for that resource. Furthermore, teams can themselves be members of other teams, resulting in the propagation of all related resource membership statuses from parent teams to all child teams and their respective members.