Introduction

NEON supports the several ways to authenticate:

Authentication. NEON supports three types of authentication:

Open ID, using SPIKA ID or an external Open ID compliant service. This is the default method for accessing the NEON Portal.
Username / Password, optionally used for access to the Portal where Open ID is not a practical option
Secret Keys, used by all API calls to NEON by other software. This is the only method available when user-interaction isn’t possible. Keys are associated with Users, and keys can be added, withdrawn and set to expire as needed.

Once authenticated, NEON supports several concepts for controlling access to functions and data:

Space. Each client has their own space, and each space uses a separate database, which means customers cannot see or access each other’s data.
Role Access. Controls overall functional and API access. Each user can be assigned one or many Roles. NEON and the Portal comes with a set of pre-installed Roles, but it’s possible to create any number of custom Roles.
Dimension Control. Controls access on data (record) level, including which Entities, Members and transactional data is visible and can be submitted.
Sensitivity Control. Controls access on data sensitivity (column) level, including if for example PII is visible to a user or not.

Space access

A User can belong to one or many Roles.

Roles are created and configured as Entities, and therefore form part of the standard NEON configuration..