Namespaces and access
The Clarify API uses namespaces to control access to different API methods. The namespace appears in front of the method name, like this: <namespace>.<method name>. You control which namespaces your integration can access in the Admin panel.
Clarify aims to make sure only people with the right credentials can access your data, but it's your responsibility to keep your credentials safe. If you are unlucky and an adversary gets hold of your credentials, the risk this poses for your organization depends on the access the integration has been granted.
Keep in mind that risk assessments need to be repeated. Because Clarify is an evolving product, the addition of new methods and/or security measures can affect your previous risk assessments.
Good general advice:
- Never grant access to more namespaces than you need.
- Take care to revoke credentials that are no longer in use.
- Separate concerns, and avoid letting a single integration handle multiple roles.
- Re-evaluate risks at fixed intervals.
Integration namespace
All integrations have their own namespace.
All integrations in Clarify can access the integration namespace by default. This namespace allows writing data and meta-data to the integration's own signals. Within this namespace, signals are uniquely identified by the value of the input attribute.
Note that methods in this namespace are write-only, with the exception of the create/save summaries returned from the member methods. This means that the risk of a confidentiality breach from losing credentials with access to this namespace only is minimal.
Namespace methods:
With access to the integration namespace, an adversary who got hold of your credentials could affect:
- integrity: By writing/overwriting signal data or meta-data within the integration namespace.
- availability: By writing more data than your plan allows, potentially affecting other integrations' ability to create signals.
Future API versions may expose more methods, in which case you should redo your risk assessments.
Admin namespace
Let an integration see what an organization admin can see.
The admin namespace currently allows access to methods that read signals and publish them as items. This access is organization-wide, meaning your integration can select and (re-)publish items from other integrations.
Namespace methods:
With access to the admin namespace, an adversary who got hold of your credentials could affect:
- confidentiality: By reading signal and item meta-data in the organization namespace.
- integrity: By (re-)publishing items with incorrect/fake meta-data in the organization namespace.
Future API versions may expose more methods, in which case you should redo your risk assessments.
Clarify namespace
The clarify namespace allows access to read item meta-data as well as data from the associated time-series. This access is organization-wide, meaning your integration can access all published items.
Namespace methods:
With access to the clarify namespace, an adversary who got hold of your credentials could affect:
- confidentiality: By reading item data and meta-data in the organization namespace.
Future API versions may expose more methods, in which case you should redo your risk assessments.
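The general advice and the per-namespace impact lists above can be turned into a repeatable review. The following is an added example, not Clarify code: the inventory records, the placeholder method names, the 90-day idle threshold and the "more than one namespace in use" heuristic are all assumptions of the example.

```python
from datetime import date

# Impact of leaked credentials per namespace, as described on this page.
IMPACT = {
    "integration": {"integrity", "availability"},
    "admin": {"confidentiality", "integrity"},
    "clarify": {"confidentiality"},
}
DEFAULT_NS = "integration"  # every integration has this namespace by default

def namespace_of(method):
    """Return the namespace prefix of a '<namespace>.<method name>' string."""
    ns, sep, name = method.partition(".")
    if not sep or not name or ns not in IMPACT:
        raise ValueError(f"not a known <namespace>.<method name>: {method!r}")
    return ns

def audit(record, today, max_idle_days=90):
    """Return (exposure, findings) for one inventory record.

    max_idle_days and the 'more than one namespace in use' heuristic are
    assumptions of this example, not Clarify rules.
    """
    granted = set(record["granted"]) | {DEFAULT_NS}
    used = {namespace_of(m) for m in record["methods_called"]}
    # What an adversary holding these credentials could affect.
    exposure = set().union(*(IMPACT[ns] for ns in granted))
    findings = [f"unused namespace: {ns}"
                for ns in sorted(granted - used - {DEFAULT_NS})]
    if len(used) > 1:
        findings.append("multiple roles: " + ", ".join(sorted(used)))
    idle = (today - record["last_used"]).days
    if idle > max_idle_days:
        findings.append(f"credentials idle {idle} days")
    return exposure, findings

# Constructed inventory; method names are placeholders, not real API methods.
INVENTORY = [
    {"name": "plant-uploader", "granted": ["integration"],
     "methods_called": ["integration.exampleWrite"], "last_used": date(2024, 5, 30)},
    {"name": "dashboard-sync", "granted": ["integration", "admin", "clarify"],
     "methods_called": ["clarify.exampleRead"], "last_used": date(2024, 1, 10)},
    {"name": "etl-bridge", "granted": ["integration", "admin"],
     "methods_called": ["integration.exampleWrite", "admin.exampleSelect"],
     "last_used": date(2024, 5, 31)},
]

if __name__ == "__main__":
    for rec in INVENTORY:
        exposure, findings = audit(rec, today=date(2024, 6, 1))
        print(rec["name"], sorted(exposure), findings or "ok")
```

Re-run the audit whenever namespaces are granted or the API gains methods, and update the impact table to match the current documentation.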