Spydra Docs
For Developers
Spydra Platform
Spydra Platform
  • GETTING STARTED
    • Introduction
    • Why Spydra?
    • Blockchain fundamentals
      • Why Blockchain?
      • Private Blockchain
      • Public Chain
    • 🎧Getting started with a Private Network
      • Creating an account
      • Creating an organization
      • Creating a Network
      • Apps
    • 🔊Getting started with a Token Store on Public Chain
      • Token store
      • Customise token store front
      • List a real world asset and issue tokens
      • Manage token lifecycle
    • Intro to Hyperledger Fabric
  • Products Overview
    • 🎧Private Network
      • Organizations
        • Users and Organizations
        • Organisation Hosting - Spydra Hosted and BYOC
        • Organization Statuses
        • Organization Roles & Permissions
        • Organization Dashboard
        • Organization Entities
      • Networks
        • Network Statuses
        • Network Roles & Permissions
        • Network Configurations
        • Mandatory Card Addition
        • Nodes: Peer, Orderer & CA
        • Network Hosting Type
        • Network Dashboard
        • Network Operations
        • Nodes
      • Channels
      • Apps
        • Pre-Configured Apps
        • Custom Apps
      • Asset Tokenization
        • Use cases
        • Asset types
        • References
        • Asset Owners
        • Permissions
      • Tokens & Vault
      • Listeners
        • Network Listeners
        • App Listeners
        • Token Listeners
      • Workflow Builder
      • Oracles
      • GraphQL
      • Block Explorer
      • IPFS
      • Fabric Debug Plugin
    • 🔊Public Chain
      • Token Store
      • Tokenize Real World Assets
      • Tokenomics: Token & Token Sale
      • Trade & Payout
  • How to
    • 🎧Private Network
      • Account
        • Create an Account
        • Edit Profile details
        • Update email & Password
        • Forgot password
        • Google OAuth Signup - Update Email & Password
        • Deactivating or deleting your account?
      • Organizations
        • Create an Organization
        • Create & Manage BYOC Hosting
        • Invite members to an organisation
        • Edit Organization details
        • Manage Org members
        • Leave an Organization
        • Update Organization member roles
        • Pay Organisation Invoice
        • Update Billing Address
        • View Invoices
        • Organization Dashboard
        • Delete an Organisation
      • Networks
        • Create a Network
        • Advance Settings: Key Vault Store
        • View and edit Network details
          • Update Permissions for Network Members
          • Update Network Configuration
          • Update Key Vault
          • Manage API Keys
          • Delete a network
        • Inviting an organisation to a Network
        • Network Roles & Permissions
        • Joining a Network
        • Network Dashboard
      • Apps
        • Explore Apps
        • Deploy App
          • Deploying Asset Tokenization App
        • Manage Apps
        • Application Dashboard
      • Channels
        • Creating a Channel
        • Create a Consensus Policy
        • Update Channel
        • Channel Members
        • Delete channel
      • Nodes
        • Create Node
        • Node Dashboard
        • Delete Node
      • Pre-configured Apps
        • Deploy Asset Tokenization App
        • Asset Data
      • Custom Apps
        • Deploy Custom Chaincode
        • Chaincode as external service
        • Supported File Formats - ZIP format
        • Building in Binary format
          • Golang - Binary Format
          • Java Jar files
        • Chaincode Logs
      • Workflow
        • Triggers
        • Condition
        • Read
        • Actions
        • End
        • Variables & Identifiers
        • Calculations & Formulas
      • Oracles
        • Create an Oracle
        • Oracle with Asset tokenisation
        • Oracle with Custom Chaincode
      • Listeners
        • Create a Listener
        • Manage Listeners
    • 🔊Public Chain
      • Account
        • Create an Account
        • Edit Profile details
        • Update email & Password
        • Forgot password
        • Google OAuth Signup - Update Email & Password
        • Deactivating or deleting your account?
      • Token Store
        • Create a Token Store
        • Design Store Front
        • Custom Domain Hosting
        • Google Analytics Integration
        • Create & Manage Store Users
          • Store User KYC
        • Accreditation Management
        • Store Payments
        • Token Store Customers
      • Tokenise a Real World Asset
        • Real Estate
        • Other Asset Categories
      • Create a token
        • Define your token
        • Investor & Buyback Settings
        • Configure token returns & payouts
        • Create token sale
      • Additional Configurations
        • Create a Document Workflow
      • Publish Asset
      • Tokenise on TestNet
        • Polygon Amoy
      • Manage Token lifecycle
        • Returns & Payouts
          • Initiate an equity payout
          • Authorise Debt Payouts
          • View all payouts
        • View token investors
        • View token transactions
        • View signed documents
        • View/ Create a token sale
        • Post Token Updates
        • Update Price
        • Buyback Requests
  • Billing & Pricing
    • Pricing
    • Billing
      • Opt-in Billing
      • Opt-out Billing
    • Adding a Card & Autopay
    • Invoice Payments
    • Billing forecast
    • Unpaid Invoices
    • Credits
  • Developers
    • API Reference
      • Asset Tokenization
        • REST API
        • Testing REST API
        • GraphQL
          • Quickstart
          • Simple queries
          • Nested object queries
          • Complex queries
          • Aggregate queries
          • Operators
          • Built-in attributes
          • Pagination
      • Custom Chaincode
        • REST API
        • Testing REST API
        • GraphQL
          • Quickstart
          • Simple queries
          • Complex queries
          • Operators
          • Pagination
      • Token Store (Public Chain)
        • Token Issuer
        • Investor
      • IPFS
    • Developer Tools
      • Monitoring [Coming Soon]
    • API Key
  • Support
    • FAQs
    • My account is banned [D]
    • Why is it recommended to have an Odd number of Orderer nodes on a Network?
    • Support
  • Others
    • Glossary
  • Policies
    • Terms & Conditions
    • Privacy Policies
    • Open Spydra
Powered by GitBook
On this page
  • What are Entities
  • How do I use entities
  • How does it work in Hyperledger Fabric?

Was this helpful?

  1. Products Overview
  2. Private Network
  3. Organizations

Organization Entities

PreviousOrganization DashboardNextNetworks

Last updated 10 months ago

Was this helpful?

What are Entities

Every organization is registered as a member within the blockchain ledger. While invoking any method in the blockchain using REST API or GraphQL API, an Api key is used to authenticate which identifies the organization that is making the call. Sometimes, you would want to invoke a method on behalf of a user, department, sub-organization, vendor or any other entity that belongs to the parent organization. For e.g. a loyalty management organization might have multiple users on behalf of whom transactions have to be conducted or a healthcare organization might be providing services to different pharmacies and prescriptions are managed on behalf of these pharmacies.

In such cases, the API calls can be made on behalf of an Entity. An Entity is identified by a key:value pair. For e.g. "userId:1234", "pharmacy:ph876" or "vendorId:345v" are all valid Entities. Basically, you have the flexibility to specify the Entity key (like userId, pharmacy, vendorId) etc. and the actual value.

How do I use entities

Entities can be used in two different ways:

  • Assigning assets to entities: In any API call, where assets can be assigned to organizations, you can assign them to Entities instead. For e.g to assign the ownership of an asset to an organization using the API, the new owner organization will be specified as below:

{​
  "assetType": "Property",​
  "id": "Prop1",​
  "owners": [​
    {​
      "orgId": "63c912fd5902d6c20ac43c89",​​
    }​
  ]​
​}

To assign the same asset to an entity within the organization, you would do the following. Just add the entity that is part of the organization.

{​
  "assetType": "Property",​
  "id": "Prop1",​
  "owners": [​
    {​
      "orgId": "63c912fd5902d6c20ac43c89",​
      "userId": "1234"​
    }​
  ]​
​}

How does it work in Hyperledger Fabric?

API calls on behalf of an Entity: In any API call, if you add the additional query string parameter "actAs=Entity", the call to the blockchain will be made on behalf of that Entity. This means that any permission evaluations will be done in the context of the specified Entity. For e.g. when you add the query parameter "actAs=userId:1234" while calling the API, it will only return results if the userId 1234 is an owner of the asset or has read permissions on it. Essentially, the call will be made in the context of userId 1234.

The Entity based authentication and authorization uses the concept in Hyperledger Fabric. The Spydra platform uses the Entity key and value specified in the actAs query parameter to create a certificate that uniquely identifies that Entity by adding the key/value pair as an additional attribute in the certificate. The blockchain calls are made by signing the requests by using this certificate. This additional attribute can then be extracted from the certificate and used in the App/Chaincode (pre-configured or custom) to make access control decisions.

🎧
Attribute based access control
Ownership transfer
GetAsset