{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-guides/sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":[]},"type":"markdown"},"seo":{"title":"User context and authorization","description":"Accelerate E&P application development and protect your innovation by consuming our Data and Domain APIs / Platform APIs.","lang":"en-US","meta":[{"name":"robots","content":"noindex"}],"llmstxt":{"hide":true,"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"user-context-and-authorization","__idx":0},"children":["User context and authorization"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["User context and authorization play an important role in building custom applications when using the SLB digital platform."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"user-context","__idx":1},"children":["User context"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["A context is a set of metadata associated with the user, based on pre-defined business rules, ensuring that they align with organizational policies and workflows. It primarily consists of-"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"organizational-context","__idx":2},"children":["Organizational context"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This provides information about the user’s organization, contractual agreement under which consumption of product and services to be metered, and the organization hierarchy. This comprises of three key entities-"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"account","__idx":3},"children":["Account"]},"The account is the highest organization entity in SLB digital platform. Typically, there will only be one account per company. All users, departments, contracts, data sources, and user groups are associated with the account."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"contract","__idx":4},"children":["Contract"]},"The contract defines the key commercial and pricing terms applicable to the online services for that account, such as – monthly cap, contract term, pricelist, commitments etc."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"department","__idx":5},"children":["Department"]},"A department is a mechanism of managing users and their consumption of SLB offerings within an account and contract. An Account Admin can create departments in Digital Home and add users to that department."]}]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"data-context","__idx":6},"children":["Data context"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This refers to the active data partition a user is working on."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"data-partition","__idx":7},"children":["Data partition"]},"A data partition is an enterprise-wide container, used for data aggregation, separation, and sharing purposes. It is a ‘virtual’ data boundary, which enables users to access specific data based on their department or group assignments. Users can work in data partitions across multiple accounts."]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"a-user-is-allowed-to-choose-from-available-contexts-before-consuming-the-application-a-developer-building-a-custom-application-should-ensure-that-all-user-interactions-are-scoped-appropriately","__idx":8},"children":["A user is allowed to choose from available contexts before consuming the application. A developer building a custom application should ensure that all user interactions are scoped appropriately."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"authorization","__idx":9},"children":["Authorization:"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Authorization in the SLB digital platform is context aware and ensures that users and applications can only access resources within the context they are operating in. This approach enhances security and reduces complexity for developers."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The two authorization aspects which are supported today-"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"subscription-authorization","__idx":10},"children":["Subscription authorization:"]},"An application should verify that user has a subscription to their application in the user’s selected context. This validation should be at the contract level (using “contractId” parameter) to ensure that right contractual terms are honored for the access and metering."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"data-authorization","__idx":11},"children":["Data authorization:"]},"An application should verify that the user has access to the data partition selected under data context. This validation should be based on the “slbPartitionId” of the data partition."]}]}]},"headings":[{"value":"User context and authorization","id":"user-context-and-authorization","depth":1},{"value":"User context","id":"user-context","depth":2},{"value":"Organizational context","id":"organizational-context","depth":3},{"value":"Account","id":"account","depth":4},{"value":"Contract","id":"contract","depth":4},{"value":"Department","id":"department","depth":4},{"value":"Data context","id":"data-context","depth":3},{"value":"Data partition","id":"data-partition","depth":4},{"value":"A user is allowed to choose from available contexts before consuming the application. A developer building a custom application should ensure that all user interactions are scoped appropriately.","id":"a-user-is-allowed-to-choose-from-available-contexts-before-consuming-the-application-a-developer-building-a-custom-application-should-ensure-that-all-user-interactions-are-scoped-appropriately","depth":4},{"value":"Authorization:","id":"authorization","depth":2},{"value":"Subscription authorization:","id":"subscription-authorization","depth":3},{"value":"Data authorization:","id":"data-authorization","depth":3}],"frontmatter":{"seo":{"title":"User context and authorization"}},"lastModified":"2026-05-14T14:32:44.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/solutions/ccm/tutorial/about","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}