Skip to main content
Version: 1.1

Dataspaces in Stellio

To configure the dataspace model of the platform in Stellio, we group the key entities of Stellio into Tenants.

The access check is done as for the other components in the CIVITAS/CORE Platform by the API Management in front of Stellio.

How the Platform's Dataspace Concept maps to Stellio

For each dataspace, we implement a Tenant in Stellio with a set of three needed Roles for Reading, Writing and Deleting entities. The API Management checks, if the needed role is assigned to the user.

  • Entities: Entities in Stellio are the core data objects. Entities are assigned to tenants and stored in tenants.
  • Tenant: A tenant is a grouping of entities where access to the tenant can be granted. The integrated check of Stellio is disabled and replaced by the API Management in front. Tenants are separated schemas on database level.

Example for Keycloak and Stellio

The following settings describe the dataspaces named "baumkataster" and "denkmalschutz" defined in Keycloak and Stellio:

Keycloak client "api-access":

  • Group for dataspace "baumkataster": baumkataster
  • Group for dataspace "denkmalschutz": denkmalschutz
  • Keycloak user "Max Mustermann" (max@mustermann.de)
    • User-Group-Assignments: baumkataster, denkmalschutz
  • Tenants in Stellio: baumkataster, denkmalschutz

Mapping illustrated

This mapping is illustrated in the following image by using the same color for matching objects. Stellio-Entities

Setting up Dataspaces in Stellio

There is no manual setup of the dataspace concept needed in Stellio.