Get in touch
Log in

Use Cases

User onboarding

User data protection and residency

API and Workload identity

Identity Threat Detection and Response

Non-human identity management

Credential Rotation and Secretless Access

Protect non-federated applications

Pricing

Developers

Blog

Careers

1
Log in
New Feature

Introducing Organization Attributes

With organization attributes, you can now easily store and manage tenant-level data directly on our platform.

Vincenzo Iozzo
Vincenzo Iozzo 14 May, 2024

Introducing Organization Attributes: Store Tenant-Level Data

Today we are excited to announce a powerful new feature: Organization Attributes. With organization attributes, you can now easily store and manage tenant-level data directly on our platform.

Key features include:

  • Store data at the organization level, separate from user data
  • Organize data into attribute “buckets” with different visibility and access levels
  • Org-level, granular encryption with an hardware root of trust
  • Multi-region replication for even higher availability

Typical use cases include storing billing data, tags, secrets, feature flags, and more.

How It Works

With the organization attributes APIs, you POST key-value pairs into named attribute buckets for a given organization ID. For example, to store some billing information and feature tags for ACME Corp, you could make a request like:

curl -X PUT https://api.slashid.com/organizations/attributes \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \
  -H "Content-Type: application/json" \
  -d '{
    "end_user_no_access": {
        "billing": {
        "plan": "enterprise",
        "status": "paid",
        "subscriptionEnd": "2023-12-31"
        },
        "tags": {
        "region": "us-west",
        "segment": "enterprise"
        }
    }
  }'

This stores the given attributes in the end_user_no_access bucket (more on buckets below) for the given SlashID-OrgID. To fetch all attributes across buckets:

curl -X GET https://api.slashid.com/organizations/attributes \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

To fetch just the billing attribute:

curl -X GET https://api.slashid.com/organizations/attributes/end_user_no_access?attributes=billing \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

And to delete the tags attribute:

curl -X DELETE "https://api.slashid.com/organizations/attributes/end_user_no_access?attributes=tags" \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

Simple and powerful! You can store up to 64KB per attribute value, with attribute names up to 70 bytes. Access is controlled via RBAC policies.

Access control and visibility

Earlier we briefly mentioned the concept of a bucket. A bucket in SlashID is a container of attributes with a specific level of access and visibility.

You can see all available buckets for organization attributes with the following call:

curl -X GET https://api.slashid.com/organizations/attribute-buckets \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

Two core concepts apply to buckets, one is the sharing scope and the other is the end-user permissions.

Buckets can either be shared with the current organization exclusively or across organizations that share the same user pool. Here’s an example output of two buckets that are respectively shared only in the org and in the person pool:

    {
      "end_user_permissions": "no_access",
      "name": "end_user_no_access",
      "owner_organization_id": "65e43220-439d-7ae5-9934-d1c4999c8c54",
      "sharing_scope": "organization"
    },

    {
      "end_user_permissions": "no_access",
      "name": "person_pool-end_user_no_access",
      "sharing_scope": "person_pool"
    },

Writing an attribute in the latter pool allows any organization with the same pool of users to access, delete, and modify that attribute.

The end user permissions allow to specify whether a given bucket should be accessible and writable by an authenticated user or whether they can only be accessed through the backend with an API key.

This powerful primitive allows to have organization-level attributes that are easily visible and usable from the front end without any backend work required.

Common Use Cases

With organization attributes, you can now easily persist tenant configuration and metadata, including:

  • Billing data like plan, status, MRR, etc. Trigger flows based on changes.
  • Tags for segmentation, targeting, categorization
  • Feature flags to control rollouts and access
  • Secrets
  • Preferences and settings
  • Arbitrary metadata to power your business logic

No longer do you have to set up separate databases or caches to store this type of organization-level data. It’s now available with a simple API.

Get Started

Check out the organization attributes API reference to learn more and start using this feature in your application today. We can’t wait to see what you build with it!

Found this article useful to your project?

Let's chat about it.

Get in touch

Related articles

Detecting Man-in-the-Middle Attacks with SlashID
New Feature

Detecting Man-in-the-Middle Attacks with SlashID

Detect when attackers access your website through malicious proxies with SlashID.

Ivan Kovic
Ivan Kovic
· 26 Aug, 2024
SlashID RBAC: Globally-available role-based access control
New Feature

SlashID RBAC: Globally-available role-based access control

SlashID RBAC is a globally replicated role-based access control system that allows you to restrict access to resources based on permissions assigned to specific persons.

Robert Laszczak
Robert Laszczak
· 22 Jul, 2024
Introducing the SlashID Local Deployment
New Feature

Introducing the SlashID Local Deployment

The SlashID local deployment is our answer for developers looking to build, run and test apps locally.

Vincenzo Iozzo, Giovanni Gola
Vincenzo Iozzo, Giovanni Gola
Vincenzo Iozzo, Giovanni Gola
· 24 Jun, 2024
SlashID /Identity at scale
••••••••••••••••••••••

Secure your identities

The identity stack to protect users and non-human identities.

Get in touch