Identities/Users
Identities/Users
Identities are essentially users you can create within your Hiphops project. We call them identities to distinguish them from human users that sign in to the Hiphops dashboard/site.
Identities can represent a machine (e.g. a customer’s kubernetes cluster) that needs access to your images, or an actual person.
Hiphops can generate JWTs for identities, which you can then distribute as needed. Identities do not have sign-in credentials.
Permissions in a project are granted by assigning roles to identities.
Creating an identity
- Dashboard under
Access > Manage users/identities > Create user. - API with POST /api/v1/iam/{project_id}/identities
- Also a guided flow for creating identities with push/pull access is available on the
Registrydashboard page underPull an imageorPush an image.
Deleting an identity
- Dashboard under
Access > Manage users/identities > Delete. - API with DELETE /api/v1/iam/{project_id}/identities/{id}
Listing identities in a project
- Dashboard under
Access > Manage users/identities. - API with GET /api/v1/iam/{project_id}/identities
Creating a JWT
- Dashboard under
Access > Manage users/identities > Create JWT token. - API with POST /api/v1/iam/{project_id}/identities/{id}/jwt
Note: JWTs can optionally have an expiry after which that specific JWT becomes invalid. A JWT without an expiry is valid forever unless all JWTs for that identity are revoked.
Revoke all issued JWTs
- Dashboard under
Access > Manage users/identities > Revoke all tokens. - API with POST /api/v1/iam/{project_id}/identities/{id}/revoke
Note: Revoking JWTs for an identity works by rotating its ID value. For this reason it is recommended that you do not store these IDs in external systems as references. Instead use the combination of
identity.project_idandidentity.namewhich is guaranteed to be unique and persistent unless you explicitly update it.