Security considerations
Once you have purchased a Customer Distribution License (CDL) you need to do some preparation before inviting your first customer:
OnePub uses Teams to control which packages a customer has access to.
Security
Configuring your Customer/Teams incorrectly may result in data leakage between customers.
The primary concern is breaching a Non-disclosure Agreement (NDA). You may have an NDA that forbids you from disclosing a customer's name publicly.
All members of a team can see each other's details, so associating customers in a single team may reveal their identity, breaching your NDA.
Even if you don't have such an NDA, segmenting customers by team, is considered good practice.
Members of different Customers should NEVER be added to the same team.
'Team per customer' model
To keep you and your customer's data safe we use a 'Team per customer' model.
create a OnePub Team for each customer.
associate each package (that the customer has a license for) with the Customer's team.
Invite each of the Customer's developers, selecting the team you created above.
If the customer purchases another package then you can simply associate it with the Customer's team, to give all of the Customer's devs instant access.
Never associate developers from different customers with the same team!!!
We recommend that the Team name is the Customer's business name.
Last updated