Accounts


The Accounts application is the visible part of Commun Axiom Cloud Manager (CCM) from the user's perspective. CCM performs three fundamental functions necessary for the proper operation of the Commons network.

Identification function

The identification function is intended to allow the user to create an account on the platform, to manage their own identity through the modification of their profile, and to manage their collaboration with other users on the platform. Collaboration on Commun Axiom involves three distinct strategies:

  1. Contacts establish a direct collaboration link with another user account on the platform. It establishes that communication between the two users is possible and shares, within the limits prescribed by the user, the datasets and portfolios maintained on the Commons application.
  2. Groups are essentially collaborative networks or partners with similar goals. A group member is not necessarily a direct contact, but a user could establish privilege rules for certain datasets assigned to groups to facilitate collaboration around certain topics of common interest.
  3. Organizations allow multiple users to act under a single account. Typically used to represent real life organizations, organizations enable accounts to be added according to specific access rules, allowing different levels of access and administration of different components on the platform.

Authorization function

Authorization is provided by the Open ID Connect (OIDC) server. The OIDC server provides an encrypted token to applications that can then decrypt it to retrieve the access information associated with the user. In addition to providing user access, OIDC provides specific access to each application individually, which allows limiting the level of authorization a component can have in the system. In order to obtain a token, a user is redirected to an authentication page on the OIDC server. Once the authentication is completed, the user is redirected and a Token is transferred to the main application.

Dynamic provisioning function

The provisioning function is the least visible function from the user's point of view. It is nevertheless critical to the proper functioning of the platform. It is this function that takes care of provisioning the cloud infrastructure required when a user requests an online instance of the Commons client application. Furthermore, it also takes care of the deployment and maintenance of the versions of the Commons application deployed on site, whether it is a PC version or a micro-server version. It also manages the deployment of applications necessary for the proper functioning of the automation, such as the Orchestrator and Let's Agree.