Backstage by Example (Part 2)

Clearing Out Sample Data

Having finished up working through the two Backstage Getting Started documents, we are left with a Backstage App with sample data (entities) that we clearly do not want to carry forward.

Users and Groups

We next look to ingest User and Group entities from our GitHub Organization’s People and Teams respectively.

Authentication and Users

It is interesting to observe that our authentication and User ingestion mechanisms are independent of each other. One might wonder if the Backstage App authentication of a GitHub account matches up with the same Backstage App User created from that account as a Member of a GitHub Organization. More simply, when logged in, am I the similarly named Backstage User.

Authorization

We were able to authenticate into the Backstage App before we ingested Users and Groups from a GitHub Organization. This suggests that any GitHub account can authenticate (and thus be authorized) to use this Backstage App. To validate the problem, we can use another GitHub account that is not associated with our GitHub Organization and indeed we can authenticate to our Backstage App and then perform any operations as we please.

Next Steps

In the next article, Backstage by Example (Part 3), we explore how to deploy our Backstage App to production.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
John Tucker

John Tucker

Broad infrastructure, development, and soft-skill background