On 18.04.2016 18:43, Thomas Segismont wrote:
> If we don't check that the authenticated user can only access the data
> he is entitled to read, it's not good. It's protecting your web
> application with client side checks only.
Here's the scenario as I understand it:
jdoe -> Client 1 -> admin1 -> hawkular
jsmith -> Client 1 -> admin1 -> hawkular
jsmith -> Client 2 -> admin2 -> hawkular
In this scheme, a user "jdoe" logs into "Client 1". This application
uses "admin1" to talk to our Hawkular backend. Our backends have no idea
about tenants, as that will be managed by the "client" applications (i.e. MiQ).
I think we could/should have a way to isolate data from
"admin1"/"admin2", but those users are not "tenants" in the same sense
as we have today, are they?
As I understand it, "jdoe" and "jsmith" might belong to the same tenant,
but this information is something that is stored inside MiQ, so, not
handled by our backend. Our provider (Ruby gem), however, will have
access to this information.
- Juca.
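To make the difference between the two designs in the thread concrete, here is an added example (not Hawkular, ManageIQ or the Ruby gem's own code). It models a backend that authenticates a service account such as "admin1" and serves per-tenant metrics two ways: once taking the tenant from the request and trusting the client to only ask for its own, and once binding the permitted tenants to the authenticated account on the server side. The account names, secrets, tenant ids and metric values are all constructed for the example.

```ruby
# Added example: client-trusted tenant selection versus server-enforced
# tenant isolation. Not code from Hawkular or ManageIQ; all data is made up.

# Constructed sample data: metrics stored per tenant.
METRICS = {
  "tenant-a" => { "cpu" => [0.5, 0.7] },
  "tenant-b" => { "cpu" => [0.1, 0.2] },
}.freeze

# Constructed credential store: service account -> secret plus the set of
# tenants that account is entitled to read. The mapping is hypothetical.
ACCOUNTS = {
  "admin1" => { secret: "s1", tenants: ["tenant-a"] },
  "admin2" => { secret: "s2", tenants: ["tenant-b"] },
}.freeze

class AuthError < StandardError; end

# Verify the service account credentials and return the account record.
def authenticate(user, secret)
  acct = ACCOUNTS[user]
  raise AuthError, "bad credentials" unless acct && acct[:secret] == secret
  acct
end

# Design 1: the backend authenticates the caller but takes the tenant id
# straight from the request. The only thing keeping admin1 away from
# tenant-b is the client application's good behaviour.
def read_metric_trusting_client(user, secret, requested_tenant, metric)
  authenticate(user, secret)
  METRICS.fetch(requested_tenant, {})[metric]
end

# Design 2: the backend checks the requested tenant against the set bound
# to the authenticated account, so a buggy or compromised client cannot
# widen its own access by naming another tenant.
def read_metric_server_checked(user, secret, requested_tenant, metric)
  acct = authenticate(user, secret)
  unless acct[:tenants].include?(requested_tenant)
    raise AuthError, "#{user} is not entitled to #{requested_tenant}"
  end
  METRICS.fetch(requested_tenant, {})[metric]
end

# Probe: admin1 (entitled to tenant-a only) asks for tenant-b's data.
# Returns :leaked if data comes back, :denied otherwise.
def cross_tenant_probe(reader)
  result = send(reader, "admin1", "s1", "tenant-b", "cpu")
  result.nil? ? :denied : :leaked
rescue AuthError
  :denied
end

if __FILE__ == $PROGRAM_NAME
  puts "trusting client: #{cross_tenant_probe(:read_metric_trusting_client)}"
  puts "server checked:  #{cross_tenant_probe(:read_metric_server_checked)}"
end
```

The probe shows the point of the thread: with the first design any authenticated service account can read any tenant, so the isolation exists only as long as every client is correct and uncompromised; with the second, the backend refuses the request regardless of what the client sends. Note the backend still never sees the end user "jdoe", so entitlement between end users of the same client remains the client's responsibility.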