Within the context of Brass, there are a few profiles to be aware of:
- Customer: This profile references the actual business entity in a relationship with Brass; most resources in Brass are tied to this entity.
- User: This profile references the actual person using Brass on behalf of the Customer entity. They usually have permissions applied on them to restrict the resources belonging to the Customer that they have access to.
Profiles are relevant because understanding them makes it possible to determine what can be accessed by a person (User) and in what context it can be accessed.
When a request is made to Brass - outside of trivial functions - most calls require us to know the user attempting the action and on whose [the Customer] behalf the action is being made.
Why knowing "who" matters
Knowing who is making the action is important for security reasons. We want to be able to log the user who took the action, at what time the action was taken and if they're permitted to perform the action.
- Add as many users as required to fulfil your business operation needs
- Remove users as desired without affecting the business
- Set permissions on everyone added to your customer profile and specify what resources they have access to
- Have access to multiple customer profiles with the same user account