Tenant Identification Flow

Chad Lung edited this page Dec 12, 2013 · 11 revisions

Assumptions: The X-Auth-Token header appears in the requests below only to document the HTTP headers currently in use. A proxy is assumed to handle authentication before the flow described below begins, and SSL is assumed to be used in the final product.

Caching: When validating message tokens, IDs, etc., a Worker should check its local cache first. If the values are not found there, the Worker should make a REST call to the Coordinator and, once the data is retrieved, cache it locally.

Tenant (Customer) sends log event data to the Meniscus entry point:

POST /v1/{tenant id}/publish HTTP/1.1
ACCEPT: application/json
CONTENT-TYPE: application/cee+json
X-Auth-Token: XXXXXX
MESSAGE-TOKEN: {UUID4}

{
	… LOG EVENT DATA - to be defined …
}

Note: The content type above is set to application/cee+json.

Validate that the tenant's event log data is valid JSON.

A Meniscus worker will contact the Coordinator API to verify the tenant id (if the tenant id is not cached locally already):

HEAD /v1/{tenant_id}/token HTTP/1.1
MESSAGE-TOKEN: {UUID4}

Take the response HTTP status code returned from the above call.

If the returned HTTP status is 200 OK, then:

Try to acquire the hostname from the message and correlate the incoming JSON data with the tenant's host data.

If no hostname is found then return HTTP 400.

If there is a hostname, then correlate the procname against the tenant's host event producers. If there is no matching event producer in the tenant's host data, the message is given a default event producer.

The result is structured data good enough for storage in MongoDB.

Tenant's expected response from the worker:

HTTP/1.1 204 NO CONTENT

If the tenant id is not found:

Expected Response

HTTP/1.1 404 NOT FOUND
CONTENT-TYPE: application/json

{ 
    "message": "The tenant id specified was not found"
}

If the message fails authorization (could be due to a bad message token or a tenant id/message token mismatch):

Expected Response

HTTP/1.1 401 UNAUTHORIZED
CONTENT-TYPE: application/json

{ 
    "message": "Message not authenticated, check your tenant id and or message token for validity"
}
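
The worker-side flow above (JSON check, cache-first token validation, Coordinator HEAD call, hostname and procname correlation) as an added Python example; it is not Meniscus code. The Worker class, the injected coordinator_head callable, the tenant_hosts layout, the CACHE_TTL value, the "producer" field, the 400 for a malformed body and the mapping of any Coordinator status other than 200 or 404 to 401 are assumptions.

```python
import json
import time
import uuid

CACHE_TTL = 300               # seconds; assumed, the page sets no expiry
DEFAULT_PRODUCER = "default"  # placeholder name for the default event producer

class Worker:
    def __init__(self, coordinator_head, tenant_hosts, clock=time.monotonic):
        # coordinator_head(tenant_id, token) returns the HTTP status of
        # HEAD /v1/{tenant_id}/token; injected so the flow runs offline.
        self._head = coordinator_head
        self._hosts = tenant_hosts  # {tenant_id: {hostname: {procname, ...}}}
        self._clock = clock
        self._valid = {}            # (tenant_id, token) -> expiry time

    def _authorize(self, tenant_id, token):
        try:
            parsed = uuid.UUID(token)
        except (ValueError, AttributeError, TypeError):
            return 401
        if parsed.version != 4:     # MESSAGE-TOKEN must be a UUID4
            return 401
        key = (tenant_id, str(parsed))
        if self._valid.get(key, 0) > self._clock():
            return 200              # fresh cache hit, no Coordinator call
        status = self._head(tenant_id, str(parsed))
        if status == 200:
            self._valid[key] = self._clock() + CACHE_TTL  # cache successes only
            return 200
        return 404 if status == 404 else 401

    def publish(self, tenant_id, token, body):
        try:
            event = json.loads(body)
        except (ValueError, TypeError):
            return 400, None        # assumed status for a malformed body
        if not isinstance(event, dict):
            return 400, None
        status = self._authorize(tenant_id, token)
        if status != 200:
            return status, None
        hostname = event.get("hostname")
        if not isinstance(hostname, str) or not hostname:
            return 400, None        # no usable hostname in the message
        producers = self._hosts.get(tenant_id, {}).get(hostname, ())
        procname = event.get("procname")
        known = isinstance(procname, str) and procname in producers
        event["producer"] = procname if known else DEFAULT_PRODUCER
        return 204, event
```

Because only successful validations are cached and each entry expires, a token revoked at the Coordinator stops being accepted by the Worker after at most CACHE_TTL seconds.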
