THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
User filtering is an important aspect when it comes to integrating Custos with external systems. Consumers might have various modes of user filtering scenarios based on their business logic in the application. In this section, we discuss such use cases and provide the mechanisms to enforce them using the user authorization schemes of Custos
- Manual User Whitelisting
Consumers might need to have users logging into their systems through Custos but restrict these users' access to critical services or resources until those users are manually approved. There might be different permission scopes that are distinct or hierarchical. We can easily implement this using the group-based authorization mechanism in Custos. First, the consumer/tenant admin needs to create a group or set of groups in Custos which maps to the permission scopes he wants. These groups can be created either as a distinct entity or a hierarchical entity that derives permissions from the parent gropus. When it comes to enforcing this, once the user is authenticated, application can talk to Custos to veirfy
Custos provides different layers of user filtering for authentication and authorization.
...