
Consumer mode

Consumer mode allows you to configure Foundry so that users can access specific applications without broader access to the Foundry platform. Consumer mode is particularly useful for building business-to-consumer (B2C) and business-to-business (B2B) applications where external users need access to data and workflows without full platform access.

Rather than a singular solution, consumer mode is a way to configure Foundry such that consumer users, builders, and administrators can only access the features and applications appropriate to their roles.

  • Consumer users can only access target applications and necessary resources.
  • Consumer user API access is restricted to only include their specific needs.
  • Consumer users should never see the Foundry login page; users who are already authenticated should be redirected automatically.
  • Builders can leverage Marketplace for release management.
  • Builder administrators can enforce that consumers never receive roles beyond the consumer role.

Consumer application solutions

Foundry supports four types of consumer-facing application configurations:

In-platform consumer applications

A Workshop, Slate, or Carbon application with restricted platform access.

  • Recommended use: Build low-code custom applications. Iterate quickly using low-code application builders, and deploy to customers with minimal maintenance burden once built.
  • User login experience: Login flow which supports automatic redirect to a specific identity provider to avoid multiple login screens.

OAuth applications

An OAuth application that uses an authorization grant, hosted within Foundry.

  • Recommended use: Build pro-code applications hosted in Foundry, leveraging Foundry security primitives for interactive custom applications.
  • User login experience: Login flow uses OAuth with configurable user consent forms.
  • Hosting: Foundry subdomains (for example, https://subdomain-for-app.your-foundry-domain.com/).

Client credentials applications

An OAuth/OSDK application hosted externally using a client credentials flow.

  • Recommended use: Build pro-code applications for maximal user scale that require customer-defined user authentication and authorization logic outside of Foundry.
  • User login experience: Application builders must fully own the login experience.
  • Hosting: External hosting environment with API access to Foundry.

Public Applications

A pro-code OSDK application served from a Foundry subdomain that does not require any end-user authentication. End users interact with a constrained, allow-listed set of ontology operations through a service user managed by Foundry.

  • Recommended use: Build internet-facing experiences for users who do not have, and should not need, a Foundry account, such as data collection forms, data dissemination dashboards, and registration flows.
  • User login experience: No login. Anyone reaching the subdomain can use the application.
  • Hosting: Foundry subdomains (for example, https://subdomain-for-app.your-foundry-domain.com/).
  • Approval requirements: Each Public Application requires use-case review and approval by an Information Security Officer in your enrollment before it can be enabled. Learn more about Public Applications.
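The following is an added example, not Foundry's own code, of the server-side pattern a Public Application relies on: the browser may only name an operation from a fixed allow-list, each operation carries an exact parameter schema, anything else is refused and recorded, and only the gateway (running as the Foundry-managed service user) ever talks to the ontology. The operation names, parameter schemas and the `ontology_call` stand-in are constructed placeholders, not real Foundry identifiers.

```python
"""Added example; not Foundry's own code. A deny-by-default gateway for a
Public Application: consumers reach only the allow-listed operations, with
exactly the parameters each operation declares, through the service user.
Operation names, schemas and `ontology_call` are constructed placeholders."""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Mapping


class Denied(Exception):
    """Raised for any request that is not exactly on the allow-list."""


@dataclass(frozen=True)
class AllowedOperation:
    public_name: str               # name the browser is allowed to call
    ontology_action: str           # ontology operation it maps to (placeholder)
    params: Mapping[str, type]     # the only parameters accepted, with their types


# Allow-list for a constructed event-registration public app: two operations and
# nothing else. A consumer cannot reach any ontology operation not listed here.
ALLOWLIST: Dict[str, AllowedOperation] = {
    "register": AllowedOperation("register", "create-registration", {"email": str, "event_id": str}),
    "list-events": AllowedOperation("list-events", "list-public-events", {}),
}


@dataclass
class PublicAppGateway:
    # Executes an ontology action with the service user's credentials. Injected
    # so the example runs offline; a constructed stand-in is provided below.
    ontology_call: Callable[[str, Dict[str, Any]], Any]
    audit: List[str] = field(default_factory=list)

    def handle(self, operation: str, params: Dict[str, Any]) -> Any:
        op = ALLOWLIST.get(operation)
        if op is None:
            self.audit.append(f"DENY op={operation!r} reason=not-allowlisted")
            raise Denied(operation)
        unexpected = sorted(set(params) - set(op.params))
        missing = sorted(set(op.params) - set(params))
        if unexpected or missing:
            self.audit.append(f"DENY op={operation!r} unexpected={unexpected} missing={missing}")
            raise Denied(operation)
        for name, typ in op.params.items():
            if not isinstance(params[name], typ):
                self.audit.append(f"DENY op={operation!r} reason=bad-type param={name!r}")
                raise Denied(operation)
        self.audit.append(f"ALLOW op={operation!r} action={op.ontology_action!r}")
        # Forward only the validated parameters, never the raw request body.
        return self.ontology_call(op.ontology_action, {k: params[k] for k in op.params})


def fake_ontology(calls: List[Any]) -> Callable[[str, Dict[str, Any]], Any]:
    """Constructed stand-in for the ontology; records what the gateway forwarded."""
    def call(action: str, params: Dict[str, Any]) -> Dict[str, Any]:
        calls.append((action, params))
        return {"ok": True, "action": action}
    return call


if __name__ == "__main__":
    sent: List[Any] = []
    gw = PublicAppGateway(fake_ontology(sent))
    print(gw.handle("register", {"email": "a@example.com", "event_id": "ev-1"}))
    for bad in [("delete-registrations", {}),
                ("register", {"email": "x", "event_id": "ev-1", "role": "admin"})]:
        try:
            gw.handle(*bad)
        except Denied:
            pass
    print("\n".join(gw.audit))
```

The audit list is what a reviewer of the use case (the Information Security Officer approval mentioned above) would want to see exercised: every refused request names the operation and the reason, and the service user is never invoked for a request that did not match the allow-list exactly.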

Consumer mode considerations

Scale: Ensure your solution meets your needs

Palantir platform-managed authentication and authorization supports the following metrics:

  • User capacity: 500,000+ users
  • User onboarding: Up to 5,000 new users per hour
  • Organization limits: Five organizations per enrollment by default

A client credentials application manages authentication and authorization outside Foundry; only API limits apply.

Seamless login: Prevent unnecessary authentication

Consumer mode supports a seamless login experience:

  • Default IDP per domain: Automatic redirect to a configured identity provider.
  • Realm parameter support: Directly link to an identity provider using ?_realm=realmId when multiple identity providers are configured for a single domain.
  • Service users: Service-to-service authentication using client credentials for API access without per-user login requirements.
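As an added example (not Foundry's own code), the two login paths listed above in working form: a deep link that carries `?_realm=realmId` so a consumer user lands on one identity provider, and a service user obtaining a bearer token through the OAuth 2.0 client-credentials grant. The realm ids, the token endpoint path `/multipass/api/oauth2/token`, the form field names and the scope strings are assumptions, not values from this page; the HTTP call is injected so the example runs offline.

```python
"""Added example; not Foundry's own code. Demonstrates the ?_realm=realmId
deep link for consumer users and the client-credentials flow a service user
uses for API access. Assumed (not from the page): the token endpoint path,
standard OAuth 2.0 client-credentials form fields, scope strings, realm ids."""
from __future__ import annotations

import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Realm ids the operator configured for the consumer domain (constructed values).
CONFIGURED_REALMS = frozenset({"consumer-idp", "partner-idp"})


def realm_login_url(app_url: str, realm_id: str) -> str:
    """Append ?_realm=<realmId> so the user lands directly on one identity
    provider instead of a chooser page. Only configured realms are accepted,
    so a link cannot name a realm the operator never set up."""
    if realm_id not in CONFIGURED_REALMS:
        raise ValueError(f"unknown realm {realm_id!r}")
    parts = urlsplit(app_url)
    query = dict(parse_qsl(parts.query, keep_blank_values=True))
    query["_realm"] = realm_id
    return urlunsplit((parts.scheme, parts.netloc, parts.path, urlencode(query), parts.fragment))


@dataclass
class ServiceUserClient:
    """Obtains and caches a bearer token for a service user via the OAuth 2.0
    client-credentials grant. The client secret stays server-side; the token
    is never handed to an end-user browser."""
    foundry_host: str
    client_id: str
    client_secret: str
    scopes: Tuple[str, ...]
    http_post: Callable[[str, Dict[str, str]], Dict[str, object]]  # injected so the example runs offline
    refresh_margin_s: float = 30.0
    _token: Optional[str] = None
    _expires_at: float = 0.0

    def token(self, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        if self._token is not None and now < self._expires_at - self.refresh_margin_s:
            return self._token  # still valid: reuse rather than re-authenticate
        resp = self.http_post(
            f"https://{self.foundry_host}/multipass/api/oauth2/token",  # assumed endpoint path
            {
                "grant_type": "client_credentials",
                "client_id": self.client_id,
                "client_secret": self.client_secret,
                "scope": " ".join(self.scopes),  # request only the scopes the app needs
            },
        )
        if str(resp.get("token_type", "")).lower() != "bearer" or "access_token" not in resp:
            raise RuntimeError(f"unexpected token response: {resp}")
        self._token = str(resp["access_token"])
        self._expires_at = now + float(resp.get("expires_in", 0))  # type: ignore[arg-type]
        return self._token


def make_fake_token_endpoint(calls: List[Dict[str, str]]) -> Callable[[str, Dict[str, str]], Dict[str, object]]:
    """Constructed stand-in for the token endpoint: checks the form the way a
    real server would and issues a one-hour token, recording each call."""
    def post(url: str, form: Dict[str, str]) -> Dict[str, object]:
        if form.get("grant_type") != "client_credentials" or not form.get("client_secret"):
            return {"error": "invalid_request"}
        calls.append(dict(form))
        return {"access_token": f"tok-{len(calls)}", "token_type": "Bearer", "expires_in": 3600}
    return post


if __name__ == "__main__":
    print(realm_login_url("https://app.example.com/workshop/x?foo=1", "consumer-idp"))
    calls: List[Dict[str, str]] = []
    client = ServiceUserClient("foundry.example.com", "app-id", "app-secret",
                               ("api:read-data",), make_fake_token_endpoint(calls))
    print(client.token(now=1000), client.token(now=1500), client.token(now=5000), len(calls))
```

Two points worth checking in your own deployment: the realm deep link is built from an allow-list of configured realms rather than from user input, and the service-user token is cached and refreshed server-side so that per-request authentication is avoided without ever exposing the client secret or the token to a consumer's browser.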

Security: Configure access and prevent platform exposure

Consumer mode security operates on multiple levels:

Application access restrictions

  • Platform access control: Disable broader Foundry platform access for consumer organizations.
  • Application-specific access: Grant access only to Workshop, Slate, or Carbon applications.

API access restrictions

  • Role-based permissions: Enforce minimal permissions necessary for application functionality.
  • Service user permissions: For client credentials, manage authorization through service user roles.

Organization visibility control

  • User and group isolation: Prevent consumers from discovering other users or groups within the organization.
  • Cross-organization restrictions: Limit visibility and collaboration between the users and groups of consumer organizations and those of internal organizations.

Getting started

Step 1: Set up Foundry for consumer usage

:::callout{theme="neutral"} Foundry platform setup is only required when using Foundry user permissions and authentication. If you are only creating client credentials applications, you can skip this step. :::

Review our documentation to configure your Foundry enrollment for consumer mode.

Step 2: Configure your consumer application

  1. In-platform consumer application
  2. OAuth application
  3. Client credentials application
  4. Public Application
