Version: 1.1

Data spaces in Stellio

To configure the data space model in Stellio, we group the key entities of Stellio into Tenants.

Access checks are handled by the API Management in front of Stellio, similar to other components in the CIVITAS/CORE Platform.

How the Platform's Data space Concept Maps to Stellio

For each data space, we implement a Tenant in Stellio with a set of three needed Roles for Reading, Writing and Deleting entities. The API Management checks if the required role is assigned to the user.

Entities: Entities are the core data objects in Stellio. Entities are assigned to tenants, and stored in tenants.
Tenant: A tenant is a grouping of entities where access to the tenant can be granted. The integrated check of Stellio is disabled and replaced by the API Management in front. Tenants are separated schemas on database level.

Example for Keycloak and Stellio

The following settings describe the data spaces named "baumkataster" and "denkmalschutz" defined in Keycloak and Stellio:

Keycloak client "api-access":

Group for data space "baumkataster": baumkataster
Group for data space "denkmalschutz": denkmalschutz
Keycloak user "Max Mustermann" (max@mustermann.de)
- User-Group-Assignments: baumkataster, denkmalschutz
Tenants in Stellio: baumkataster, denkmalschutz

Mapping illustrated

The mapping is illustrated in the following image, using matching colors for corresponding objects. Stellio-Entities

Setting Up Data spaces in Stellio

No manual data space setup is required in Stellio.

How the Platform's Data space Concept Maps to Stellio​

Example for Keycloak and Stellio​

Mapping illustrated​

Setting Up Data spaces in Stellio​

How the Platform's Data space Concept Maps to Stellio

Example for Keycloak and Stellio

Mapping illustrated

Setting Up Data spaces in Stellio