Skip to main content

Manage Access

Overview

In the Spotflow IoT Platform, you can work with different assets, such as Devices or Streams. Each asset is located in exactly one Workspace. A User can create any number of Workspaces and invite other Users to join them:

In this example, Alice created the Workspace A and Bob created the Workspace B. Because Bob invited Alice to B, she can access not only the Device robo-alice, but also robo-bob.

Asset names are unique only within the scope of a single Workspace. Therefore, you must provide the Workspace ID to all the API endpoints that work with platform assets. Similarly, both the CLI and the Portal require you to choose the Workspace before you can perform any actions.

User

Each User in the platform represents a real human. You have multiple options to create a User account (see Sign Up):

  • Use an existing account on Google, LinkedIn, GitHub, Microsoft, or X.
  • Enter your e-mail address and a custom password. In this case, you'll need to use a verification code sent to your e-mail address to verify that you own it.

Right after the registration, the User's free 14-day trial period starts. During the trial, the User can use the platform without limits. If the User doesn't select a paid plan until the trial ends, the Workspaces created by the User will be disabled.

tip

Ask us to prolong your trial period (even if it already ended) if you need more time to test your use cases.

The most important User properties:

  • First name and last name are chosen by the User and don't have to be unique.
  • E-mail address uniquely identifies the User. Therefore, there can't be two Users with the same e-mail address, even if the first one authenticates with a Google account and the second one with a custom password.
  • Object ID (OID) is an alternative unique identifier generated by the platform.

Workspace

As the example shows, Workspaces are containers that isolate platform assets. Because of the isolation, the Device robo-bob can't send data to the Stream wonderland. Therefore, make sure that all the assets that need to work together are always located in the same Workspace. In practice, we recommend using different Workspaces for development and production. They can also represent different projects in a large company.

A Workspace has the following properties:

  • Workspace ID is a generated GUID that uniquely identifies the Workspace within the platform.
  • Display name is a human-readable string that should describe the purpose of the Workspace.
  • The Workspace can be in two possible states:
    • It's enabled by default.
    • If the trial period of the User who created the Workspace ends, its state changes to disabled. It's not possible to work with assets in a disabled Workspace and the contained Devices are not allowed to connect to the platform. To unblock the Workspace, the User must either change the plan to a paid one or ask us to prolong the trial period.

Any User with access to the Workspace can invite other Users to join. Each invited User receives an invitation link and must click it and log in to the Portal to gain access to the Workspace.