Setup Organization

RBAC Structure

The current structure of RBAC is divided into orgs and owners. An org contains owners and owners have access to multiple bots, conversation logic, adapters, and other resources.

Setting up your Organization

Before you can start using these resources and creating new bots, you need to setup your org and owners.

note

The enpoints listed below assume that the base url is that of Auth service.

Creating an Organization With Super User

Everything comes under an organization in BharatSahAIyak. Below is a sample request for creating an organization and adding a default organization admin.

POST

/org Create an org and org admin.

Request Body

Name	Type	Required	Description
orgName	String	YES	Name of the organization. (Only alphanumeric characters without spaces).
adminEmail	String	YES	Email for the Super User (Org Admin).
adminName	String	YES	Name for the Super User (Org Admin).
adminName	String	YES	Password for the Super User (Org Admin).

Curl Request

curl --location 'AUTH_SERVICE_BASE_URL/org' \
--header 'Content-Type: application/json' \
--data-raw '{
    "orgName": "MyOrg",
    "adminEmail": "myOrg@organization.in",
    "adminName": "My Org",
    "adminPassword": "MyOrgPass"
}'

Response Body

{
    "path": "/org",
    "apiVersion": "v1",
    "msgid": "00000000-0000-0000-0000-000000000000",
    "result": {
        "orgId": "00000000-0000-0000-0000-000000000000",
        "ownerId": "00000000-0000-0000-0000-000000000000",
        "name": "My Org",
        "email": "myOrg@organization.in",
        "role": "superAdmin"
    },
    "timestamp": "2024-04-05T08:05:23.592Z",
    "method": "POST"
}

Once you have created your org and org admin, you can login with admin credentials to get admin JWT which can be used to read and write resources in the BharatSahAIyak system.

Below is the sample curl for logging in using credentials.

POST

/org/login Login using credentials.

Request Body

Name	Type	Required	Description
email	String	YES	Email for a user.
password	String	YES	Password for a user.

Curl Request

curl --location 'AUTH_SERVICE_BASE_URL/org/login' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "myOrg@organization.in",
    "password": "MyOrgPass"
}'

Response Body

{
    "path": "/org/login",
    "apiVersion": "v1",
    "msgid": "00000000-0000-0000-0000-000000000000",
    "result": {
        "token": "AUTH_TOKEN",
        "ownerId": "00000000-0000-0000-0000-000000000000",
        "orgId": "00000000-0000-0000-0000-000000000000",
        "verified": true,
        "role": "superAdmin"
    },
    "timestamp": "2024-04-04T05:40:55.073Z",
    "method": "POST"
}

Creating Owners

Now that you have an admin AUTH_TOKEN you "can" start creating and using resources, although you "should" create individual owners instead of directly using your admin AUTH_TOKEN to restrict org-wide privilege.

Below is the curl request for creating an owner.

POST

/org/addOwner Create a new owner.

Headers

Name	Type	Required	Description
Authorization	String	YES	Authorization token for organization admin. You can get AUTH_TOKEN by logging in.

Request Body

Name	Type	Required	Description
email	String	YES	Email for the owner.
name	String	YES	Name for the owner.
password	String	YES	Password for the owner.

Curl Request

curl --location 'AUTH_SERVICE_BASE_URL/org/addOwner' \
--header 'Authorization: ADMIN_AUTH_TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "Owner@organization.in",
    "name": "Owner Name",
    "password": "OwnerPass"
}'

Response Body

{
    "path": "/org/addOwner",
    "apiVersion": "v1",
    "msgid": "00000000-0000-0000-0000-000000000000",
    "result": {
        "orgId": "00000000-0000-0000-0000-000000000000",
        "ownerId": "00000000-0000-0000-0000-000000000000",
        "name": "Owner Name",
        "email": "Owner@organization.in",
        "role": "owner"
    },
    "timestamp": "2024-04-05T08:38:32.187Z",
    "method": "POST"
}

You can now use these owner credentials to login as explained here.
Now that you have an owner JWT you can start using it for managing resources. Take a look here for a guide on setting up a bot.

Validating a JWT

You can validate your JWT using the endpoint below.

POST

/org/validate Validate a JWT.

Headers

Name	Type	Required	Description
Authorization	String	YES	Authorization token for a user.

Curl Request

curl --location --request POST 'AUTH_SERVICE_BASE_URL/org/validate' \
--header 'Authorization: AUTH_TOKEN'

Response Body

{
    "path": "/org/validate",
    "apiVersion": "v1",
    "msgid": "00000000-0000-0000-0000-000000000000",
    "result": {
        "id": "00000000-0000-0000-0000-000000000000",
        "orgId": "00000000-0000-0000-0000-000000000000",
        "role": "orgAdmin",
        "verified": true
    },
    "timestamp": "2024-04-05T08:46:08.243Z",
    "method": "POST"
}

RBAC Structure​

Setting up your Organization​

note

Creating an Organization With Super User​

Request Body​

Curl Request​

Response Body​

Login With Org Admin Creds​

Request Body​

Curl Request​

Response Body​

Creating Owners​

Headers​

Request Body​

Curl Request​

Response Body​

Validating a JWT​

Headers​

Curl Request​

Response Body​

Contents

RBAC Structure

Setting up your Organization

Creating an Organization With Super User

Request Body

Curl Request

Response Body

Login With Org Admin Creds

Request Body

Curl Request

Response Body

Creating Owners

Headers

Request Body

Curl Request

Response Body

Validating a JWT

Headers

Curl Request

Response Body