Glossary¶
- authentication policy
- authentication policies
An authentication method enabled in configuration
- Kinto-Core HTTP API
A system of rules that explains the way to interact with the HTTP API endpoints (utilities, synchronization, headers etc.), and how data is organized (JSON responses etc.).
- CRUD
Acronym for Create, Read, Update, Delete
- endpoint
- endpoints
An endpoint handles a particular HTTP verb at a particular URL.
- extensible
«Extensible» means that the component behaviour can be overriden via lines of code. It differs from «pluggable».
- Firefox Accounts
Identity Provider run by Mozilla (https://accounts.firefox.com).
- Identity Provider
An identity provider (abbreviated IdP) is a service in charge of managing identity information, and providing authentication endpoints (login forms, tokens manipulation etc.)
- HTTP API
Multiple publicly exposed endpoints that accept HTTP requests and respond with the requested data, in the form of JSON.
- KISS
«Keep it simple, stupid» is a design priciple which states that most systems work best if they are kept simple rather than made complicated.
- pluggable
«Pluggable» means that the component can be replaced via configuration. It differs from «extensible».
- resource
A resource is a collection of records. A resource has two URLs, one for the collection and one for individual records.
- user id
- user identifier
- user identifiers
A string that identifies a user. It is prefixed with the authentication policy name (eg.
account:alice
,ldap:bob
,google:me@gmail.com
, …). These identifiers are used to refer to users in permissions or groups.- object
- objects
Also refered as «records», objects are stored by Kinto-Core resources.
- tombstone
- tombstones
When a record is deleted in a resource, a tombstone is created to keep track of the deletion when polling for changes. A tombstone only contains the
id
andlast_modified
fields, everything else is really deleted.- principal
- principals
An entity that can be authenticated. Principals can be individual people, computers, services, or any group of such things.
- permission
- permissions
An action that can be authorized or denied. read, write, create are permissions.
- Semantic Versioning
A standard MAJOR.MINOR.PATCH versioning scheme. See http://semver.org/.
- ACE
- ACEs
- Access Control Entity
An association of a principal, an object and a permission. For instance, (Alexis, article, write).
- ACL
- ACLs
- Access Control List
A list of Access Control Entities (ACE).