Ego for Administrators¶
To administer Ego, the admin must:
1. Install Ego.
View the installation instructions.
2. Insert a new user with the admin’s Oauth Id into the “egousers” table, with role ADMIN.
3. A developer creates a new Ego-aware application
- Admin creates a new application in Ego with the client_id and password.
- Admin creates new policies with new policy names
- Admin assigns permissions to users/groups to permit/deny them access to the new application and policies
4. Admin creates or deletes groups, assigns user/group permissions, revoke tokens, etc. as necessary.
For example, an administrator might want to:
- Create a new group called “QA”, whose members are all the people in the “QA department”
- Create a group called “Access Denied” with access level “DENY” set for every policy in Ego
- Grant another user administrative rights (role ADMIN)
- Add a former employee to the group “AccessDenied”, and revoke all of their active tokens.
- In general, manage permissions and access controls within Ego.
Using the Admin Portal¶
Ego provides an intuitive GUI for painless user management.