Hub Concepts
This page describes the terminology that we use in Hub.
Users
A user is an account that a person can use to log in to Hub and other connected services. A user account includes the email address and password used as login credentials.
Depending on the type of authentication scheme, user accounts can be:
Created manually.
Imported from connected services.
Created automatically upon login.
Every user account can be assigned one or more roles. The roles define access to Hub and service-specific features. The level of access is determined by the permissions that are assigned to the role. Every user account also belongs to at least one group.
In addition to registered users, there are two default user accounts in Hub:
Username | Description |
|---|---|
admin | The default system administrator account. This user can perform any operation in Hub. |
guest | A special user account for unregistered users. This user account grants access without authentication to Hub and other connected services. Guest login is enabled by default. |
For more information, see Users.
Groups
A group is a collection of user accounts. Groups let you manage multiple accounts more efficiently. You can grant and restrict access to specific features in Hub and other connected services for all group members at once.
You can create as many user groups as you need. Each user group can contain any number of user accounts and even other user groups. Each user account can belong to multiple user groups.
All Users is a special user group that is always present in the system. This group contains all registered users. You cannot remove users from this group. A role that is assigned to the All Users group grants default permissions to all system users.
For more information, see Groups.
Roles
A role is a collection of permissions.
When you assign a role to a user account or group, the user or group is granted all the permissions assigned to the role.
In Hub, you can only assign permissions to a role. You cannot grant permissions directly to a user or group.
There are three default roles in Hub:
Observer
Developer
System Admin
In addition to the roles that are specific to Hub, roles are imported from the services that are connected to Hub.
For more information, see Roles.
Permissions
A permission is an authorization that allows to a user to perform a particular operation. In Hub, you can only assign permissions to a role. You cannot grant permissions directly to a user or group.
A role is a collection of permissions that defines access to to Hub and service-specific features.
Permissions in Hub fall into two categories:
Category | Description |
|---|---|
Hub permissions | These permissions authorize a user to perform an operation in Hub. For example, create a group or update a resource in a connected service. |
Service-specific permissions | These permissions authorize a user to perform an operation in a connected service. These permissions are usually imported to Hub when the data is synchronized with the service. |
A permission is assigned to a role and not granted directly to a user or group.
For more information, see Hub Permissions.
Services
A service is any application or external service that can be connected and registered in Hub.
Hub supports connections to the JetBrains team collaboration tools YouTrack and Upsource.
For more information, see Services.
Resources
A resource is an entity provided by a connected service. Each service can provide access to different resource types, as shown in the following table.
Service | Resource | Description |
|---|---|---|
Hub | Group | Provides group members with access to the resources. |
Auth Modules
Auth modules enable authentication for users in external services and applications that are connected to Hub.
For setup instructions, see Auth Modules.