Bouquet Analytics REST API —The Case for Self Governed User Management
User Access Rights impact security and speed at which your organization operates, both of which are serious issues. Here’s how we chose to implement them in Bouquet and why.
Challenges in Access Control
We used to have hierachical access rights centrally controled by Super Users (or Admins, or Supervisors, however you call them). This led to:
- management overhead,
- slowed down operations,
- inadequate rights for users.
Those are all strong barriers for an open innovation network of skills to address the creation of a multitude of business applications on top of a data store.
They also pose a security concern in less procedural companies as extended access rights may be granted to users who don’t need or deserve them just to trim down the queue of requests.
The Case for Decentralized User Management
Imagine a decentralized user rights management solution based on identified individuals inviting other identified individuals on the system. Sounds familiar? That’s right, it’s like Google Docs.
Such a self-governance system removes the bottlenecks of traditional systems while ensuring security through accountability of individuals — which is paramount to security in the first place.
A decentralized, self-governed access rights system is based on “citizen” roles who collectively self-manage the access rights of each other, ensuring a much better and constant monitoring of individual rights in each team. Also, this lets users share data more quickly without waiting for bottlenecks.
Self-Governed User Management in Bouquet
Bouquet provides a REST API to query the data by dynamically generating analytical queries that run in-database. Bouquet leverages a dynamic dictionary of metadata that is used to define business rules applied to data, metrics applied to data and made available through the API.
Access to the metadata dictionary (logical datamodel) is determined by a self-governed, invitation-based system. Users invite each other to share common definitions, ensuring data consistency and cumulative shared knowledge as more definitions are stored.
This is useful for example to implement data validation rules, enrich the metamodel with new metrics, new indexed dimensions, new relations, and common data cleansing operations.