Experimental

Entity Managers

Introduction

Entities are generic and extensible data items stored and managed by the Curity Identity Server. Each entity has a unique identifier, a type, and a generic set of attributes. Entities can also have relations between themselves and to other data resources managed by the Curity Identity Server, namely Accounts and Database OAuth Clients (called resources in this context).

Entities can be of different types, depending on the concept they represent. A good example of a concrete entity type is an account group:

  • An account group entity has a unique identifier, a display name, and an external identifier.
  • An account group entity can also have zero or more relations with accounts.

Relations are also typed, to reflect the connection they represent. For instance, a Developers group entity can have a relation of type member with the account Alice and a relation of type owner with the account Bob. This means that:

  • Alice is a member of the group Developers.
  • Bob is an owner of the group Developers.

The set of entity and relation types is not hard-coded by the Curity Identity Server and is extensible without changes to the underlying data source.

Entities are not stored inside Accounts or Database OAuth Clients. Instead, they are stored independently in their own data source, alongside the relations that they may have with Accounts or Database OAuth Clients.

Configuration

An Entity Manager is configured by two things:

  • A reference to the Data Source that stores the managed entities and relations.
  • A reference to the Entity Schema that defines the allowed types of entities and relations.

Currently, only the JDBC Data Source can be used to store entities and their relations.

Group management

If the referenced Entity Schema has support for groups, then the Entity Manager also becomes a Group Manager.

If an Account Manager is configured to use an Entity Manager with group support, then the account’s groups will be managed by that Entity Manager and stored in the associated Data Source. In this case, groups are no longer stored inside the user accounts in the associated Data Source.
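The data model described in the Introduction and the schema role described under Configuration, as an added conceptual sketch (not Curity's code, API, or storage format). The names `SCHEMA`, `Entity`, `EntityStore`, and `build_example` and the sample identifiers are hypothetical; the point is that relations are typed, checked against a schema, and kept outside the account records.

```python
from dataclasses import dataclass, field

# Hypothetical schema: allowed entity types and, per type, allowed relation types.
# Mirrors the page's account-group example; not Curity's Entity Schema format.
SCHEMA = {"group": {"relations": {"member", "owner"}}}

@dataclass
class Entity:
    id: str
    type: str
    attributes: dict = field(default_factory=dict)

class EntityStore:
    """Entities and relations live here, not inside the account records."""
    def __init__(self, schema):
        self.schema = schema
        self.entities = {}      # entity id -> Entity
        self.relations = set()  # (entity id, relation type, resource id)

    def add_entity(self, entity):
        if entity.type not in self.schema:
            raise ValueError(f"entity type not in schema: {entity.type}")
        if entity.id in self.entities:
            raise ValueError(f"duplicate entity id: {entity.id}")
        self.entities[entity.id] = entity

    def relate(self, entity_id, relation_type, resource_id):
        entity = self.entities[entity_id]  # KeyError if the entity is unknown
        if relation_type not in self.schema[entity.type]["relations"]:
            raise ValueError(f"relation type not in schema: {relation_type}")
        self.relations.add((entity_id, relation_type, resource_id))

    def groups_of(self, account_id, relation_type="member"):
        """Display names of groups tied to an account by one relation type."""
        return sorted(self.entities[e].attributes.get("displayName", e)
                      for e, r, a in self.relations
                      if a == account_id and r == relation_type
                      and self.entities[e].type == "group")

def build_example():
    # Constructed sample data: the Developers group with Alice and Bob.
    store = EntityStore(SCHEMA)
    store.add_entity(Entity("g1", "group",
                            {"displayName": "Developers", "externalId": "ext-1"}))
    store.relate("g1", "member", "alice")
    store.relate("g1", "owner", "bob")
    return store
```

In this sketch Bob owns Developers without being a member of it, so a lookup by `member` does not return the group for him; anything that consumes group data should query by the relation type it actually means.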
