Entity Schemas#
Introduction#
An Entity Schema defines the structure of a set of entities and relations. Each Entity Schema is composed of the following.
A set of entity types, such as group, organization, or role.
Each entity type is defined by:
- A unique name.
- The entity context, for entities that always exist in the context of another entity.
A set of entity relation types, such as member, or owner.
Each entity relation type is defined by:
- A unique name.
- The entity type for the relation source entities.
- The entity type for the relation target entities.
- The relation cardinality.
A set of resource relation types, such as member containing:
- The entity type for the relation source entities.
- The resource type for the relation target, which can be Accounts or Database OAuth Clients.
Global groups#
The Curity Identity Server can use entities and relations to manage Account Groups. In order for that to be possible, the entity schema must define:
- The entity type that represents Account Groups.
- The resource relation type that represents the membership relation between an Account and an Account Group.
- The Account Group property used as the entities unique value, which can be:
- The Account Group display name.
- The Account Group external identifier.
The Curity Identity Server does not use hard-coded entity types for representing Account Groups. Instead, these need to be configured by an administrator, from the set of entity types defined in an entity schema.
Configuration#
Currently, it is not possible to create or edit an Entity Schema via the “Facilities” menu Administration UI . Only listing and deletion is available via that interface. It is however possible to create and edit Entity Schemas via the Command Line Interface or by uploading an XML file.
To create an Entity Schema with Account Group support, using pre-defined type names, it is also possible to use the “Creates or updates an entity schema to support groups” Config Spec.