Any regular object can be converted into a User or a Group object for purposes of ACLs by
adding a special property auth to that object’s schema. See here for details
on that property. By converting an object into a User or a Group, Cordra
can enable such objects (once authenticated) to exercise access control over other objects.
Objects that are converted into Users or Groups, as such, can be managed as regular objects using the API by any user with permission to do so.
Additionally, they can be created and modified in the Cordra UI by authorized users.
JavaScript based rules can be used on User and Group objects, as with any other object type. This can be useful for tasks like checking password strength, ensuring that usernames meet certain criteria, or preventing users or groups from being deleted unless certain conditions are met. See Example: User Schema JavaScript for an example of how to use JavaScript rules to perform validation and enrichment tasks.
See Authenticate Hook for the lifecycle hook allowing customization of authentication.
In the Cordra UI, click “Create” and choose the “User” type.
This will open the UI for editing the new User object.
The username and password should be filled in. If the user’s password should be changed
after the next authentication, set the “Require Password Change” field to
true. Click the save button to save the User object.
In the Cordra UI, click “Create” and choose the “Group” type.
This will open the UI for editing the new Group object.
to add identifiers of user objects.
In the user field, begin by typing the username of the user you would like to add. As potential matches are found, search results will pop up, allowing you to select the desired user.
Once the appropriate user has been found, click on the username to fill in the user field with the User object identifier.
Repeat these steps for each user to be added to the group. When all users have been added, click the “Save” button to save the Group object