Impact 2024: The Industrial Data and AI Conference for and by Users | Nominate Speakers Now for a Ch...
This is generally handled through a ticket with our support team- https://cognite.zendesk.com/hc/en-us/requests/new
Improving the experience on sharing access to data, and the access management experience is definitely an area we know could be improved. I’ve shared this with the relevant product managers as inspiration- thanks for the feedback!I do know that the bootstrap cli tool has a specific framework for access management, and has raised some feedback on access management capabilities as well.
Security categories are a specific form of negative access grants- files or timeseries with a security category cannot be access unless a user has been granted access to all security categories on the data, as well as access to that resource (reading the file otherwise).I don’t think it would be a particularly suitable mechanism in this case.
When sharing data for these use cases, would you like to share entire datasets, or subsets of datasets?Should these external parties have any form of write access, or is it read only?It’s likely possible to grant read access to different data collections, but this may require utilizing different access control scopes, or restructuring the current datasets.Access to individual timeseries (and some other resources) can be granted by specifying the timeseries ID in the access grant, for example.If trying to share part of a dataset, it may be more feasible to divide a dataset into two different datasets, both coming from the same source, but only one of which is shared- this would require potential updates to whatever owns the original dataset and has write access to it.
There is no configuration of allow-origins in the CDF API.
I believe `Access-Control-Allow-Origin` is configured with `*` for the CDF API.What is the specific endpoint you are making a request against? Are you utilizing the published Javascript SDK?
CORS settings are not configurable in CDF, to the best of my knowledge.
Our status page has a list of clusters with some limited information- I’m not sure if we have more information publicly available at this point.Generally, I believe we have at least one multitenant clusters in each of GCP and Azure in North America, Europe, and Asia.
I’m surprised dynamic consent (https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#incremental-and-dynamic-user-consent) is not an option?This is what many applications use when applied to different, unknown at registration, APIs (including fusion.cognite.com).Specifying a known client application in the registration for a Cognitedata API (in it’s registration) would need to be assessed carefully, as it impacts all customers using that application in Azure.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.