I’d like to know if it’s possible to create a login/sign up page using the workshop app and no external services. I saw someone ask a very similar question, but it went unanswered
What is exactly the workflow you want to enable here ?
Do users are foundry users ? Something else ?
Login “to what” ? or “sign-up” to what ?
Yes, the users would be foundry users. They would “login” and then get access to separate pages. For examples, someone who logins and is a teacher, would get access to a page, while a student would get access to another page created with the workshop app
In this scenario, the “login” doesn’t need to be handled at a workshop level. Access to Foundry is different than “what you can see”.
A few different ideas, happy to give more pointers if needs be:
-
you can setup the “home page” for a given user based on their user-group. This means that whenever the user logs in foundry, they automatically gets redirected to this particular page.
See https://www.palantir.com/docs/foundry/administration/configure-platform-experience -
You can setup “consumer mode” so that users cannot access the rest of foundry (folders, content, etc.). This is primarily meant for UX reasons (avoid confusion of users, etc.) and not security reasons (the permissions of a users are still directly by their roles on resources, regardless of the UI they can access).
See https://www.palantir.com/docs/foundry/administration/configure-application-access/#restrict-platform-access -
You can look into “Carbon workspace” to have a homepage with potentially multiple workshops, depending on what a given user can have access to.
See https://www.palantir.com/docs/foundry/carbon/workspaces-overview
Thanks a lot for your answer. However, to be more specific, I’d like the application to work as a “personal dashboard” for each user, with each user only being able to see their own info. (eg. in a first page they fill out their own info, on a second page they see their own dashboard). This would be possible without an external service and only using the workshop app? I just want to make sure, thanks a lot again
Good question ! But this is then a question about data-access, rather than platform or app access.
You can restrict who can see each row of a dataset (and when backing an object type, which object a user can see) by using restricted views.
See https://www.palantir.com/docs/foundry/security/restricted-views
You can then restrict that users should be only able to see the object they are entitled to see (e.g. typically: if the “user” property contains their own user rid)
Actions can also be restricted (for users to only edit their own objects) by configuring their submission criteria (same principle: “who can trigger this action, under which set of condition”).
You need to make sure that the data (mainly in your case, objects) are restricted with Restricted views. If you make available a whole unrestricted dataset in the project folder they have access, they could technically access it as well …
With those elements, you can indeed do what you describe purely in Foundry (and you get a lot of nice features, like the ability to test the rule for who can access what, granular permission on who can edit what - e.g. the permission to create might be granted to everyone, but edit to only your own object and delete only to admin or your own objects, etc.)
So overall, this goes like this:
User access the platform (centralized login) > Users access an app (can be set as a home for specific users) > Users access specific data/rows (can be set with row level permissions)
On an additional point, you might want users to not be able to see “each other”. This is a configuration in Control Panel. You will want to put all the users in the same organization, and disable “user discovery”.
You are basically describing a B2C situations (there will be docs soon about this, to get more in details !)
1 Like
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.