Password Manager Entitlements

Managing consumption of Password Manager capabilities

The Password Manager SDK enables you to examine the resources used and their limits for a registered user. Resource limits are described by an Entitlement, an object with a name and a limit indicating some maximum usage value. Resource usage is tracked for each Sudo.

To allocate entitlements to your users or groups of users, refer to the Entitlements Administrative API.

Entitlement Types

The following table describes the entitlements used to control access to the Password Manager:

Entitlement Type Description

Entitlement	Type	Description
`sudoplatform.vault.vaultMaxPerSudo`	Numeric	Maximum number of vaults a Sudo can have at a time. If zero, this user is not entitled to access the Password Manager.

sudoplatform.vault.vaultMaxPerSudo

Numeric

Maximum number of vaults a Sudo can have at a time. If zero, this user is not entitled to access the Password Manager.

/* ... */
export type EntitlementName = 'vaultMaxPerSudo' | ...

public struct Entitlement {
    /* ... */
    public enum Name: String {
        case maxVaultPerSudo
    }
}

data class Entitlement(
    // ...
) : Parcelable {
    /** Enum that represents the different types of entitlements available */
    enum class Name {
        MAX_VAULTS_PER_SUDO
    }
}

Getting Entitlements

The getEntitlement method returns the set of Password Manager Entitlements and their limits granted to the signed in user.

try {
    const entitlements = await client.getEntitlement()

    entitlements.forEach((ent) =>
        console.log(`This user can have up to ${ent.limit} of ${ent.name}`))
} catch (error) {
    // Handle/notify user of the error.
}

var client: PasswordManagerClient!

client.getEntitlement { (result) in 
    switch result {
    case .success(let entitlements):
        entitlements.forEach {
            print("This user can have up to \($0.limit) of \($0.name)")
        }

    case .failure(let error):
        /* Handle error logic */
        return
    }
}

// val client: SudoPasswordManagerClient

launch {
    try {
        val entitlement = withContext(Dispatchers.IO) {
            client.getEntitlement()
        }

        entitlement.forEach {
            println("This user can have up to ${it.limit} of ${it.name}")
        }
    } catch (e: SudoPasswordManagerException) {
        // Handle/notify user of exception
    }
}

The getEntitlementState method returns the usage value of each Password Manager Entitlement for each Sudo.

try {
    const entitlementStates = await client.getEntitlementState()

    entitlementStates.forEach((ent) =>
        console.log(`Sudo ${ent.sudoId} has consumed ${ent.value}/${ent.limit} of ${ent.name}`))
} catch (error) {
    // Handle/notify user of the error.
}

var client: PasswordManagerClient!

// Entitlement state
client.getEntitlementState { (result) in 
    switch result {
    case .success(let entitlements):
        entitlements.forEach {
            println("Sudo \($0.sudoId) has consumed \($0.value)/\($0.limit) of \($0.name)")
        }

    case .failure(let error):
        /* Handle error logic */
        return
    }
}

// val client: SudoPasswordManagerClient

launch {
    try {
        val entitlementState = withContext(Dispatchers.IO) {
            client.getEntitlementState()
        }

        entitlementState.forEach {
            println("Sudo ${it.sudoId} has consumed ${it.value}/${it.limit} of ${it.name}")
        }
    } catch (e: SudoPasswordManagerException) {
        // Handle/notify user of exception
    }
}

Read more about the Sudo Platform entitlements system and how to integrate with it in the Entitlements section of the Sudo Platform documentation.

PreviousPassword Utilities NextPassword Vault Security

Last updated 2 years ago