Summary
The following updates have been made within the software-as-a-service (SaaS) STEP cloud-solution functionality:
- General availability of Cassandra database for Product MDM SaaS customers.
- Unified login across all STEP user interfaces.
- Ability to update configuration for SaaS systems through a REST interface.
Details
Cassandra database generally available for Product MDM on Azure
With the release of 10.0, Product MDM (PMDM) customers using our Software-as-a-Service (SaaS) services on Microsoft Azure will start to be deployed on a multi-tenant Cassandra database cluster. The exception will be customers using the Automotive component, which is not yet available on Cassandra.
Our support for the Cassandra database is based on using our In-Memory database technology to ensure superior performance. Customers will also benefit from the distributed nature of the Cassandra database, which means less planned downtime for OS patching, for example, as well as the ability to survive the failure of individual database nodes without downtime. Strict segregation between data belonging to different customers is enforced using the Cassandra keyspace concept.
Customers on Cassandra will also benefit from the ability to do schema changes without going into single update mode. Execution of a schema change will run as a background process, so that customers can continue to work while the change is happening. It is only possible to have one change executed on a given schema object at the time; multiple changes to the same or depending objects will be queued.
In the future use of the Cassandra database will be extended to cover more use cases that take advantage of its inherent capabilities for storing huge amounts of data.
The Cassandra database will be available to both new and existing customers on our SaaS offering. Existing customers will need to go through a separately planned upgrade process.
Improved and token-based single sign-on
From 10.0, SaaS customers will have OAuth2-based single sign-on (SSO) across all STEP user interfaces, meaning that all interfaces will be password protected, and that users, once authenticated, will not have to re-supply credentials when switching between the different interfaces.
Authentication and user management can either be handled by STEP or by an external identity provider supporting SAML or LDAP, e.g., Microsoft Active Directory.
If customers want to write their own web / mobile user interfaces, e.g., using the new GraphQL API, STEP will serve as OpenID Connect provider allowing the applications to obtain an access token to be passed with the HTTP requests. This also works for REST and SOAP APIs.
For machine to machine integrations, external systems can trade user credentials for an access token via an additional STEP endpoint. However, this only works if such 'machine' user accounts are managed in STEP.
For backward compatibility, pre-10.0 API authentication mechanisms (e.g., Basic Authentication) can be enabled on request.
API documentation is accessible from [server]/sdk or by clicking the STEP API Documentation button on the Start Page.
Remote system re-configuration
It is now possible to reconfigure SaaS systems through a REST interface, so customers can—without the assistance of Stibo Systems—deploy a new extension or to, for example, introduce a new gateway integration endpoint. The following operations are available:
- Retrieve and change configuration properties
- Prepare and deploy server extensions based on the Extension API
- Restart the environment in order to make deployments and apply certain changes (e.g., config property changes)
- Retrieve STEP system status to verify if a restart has been completed
All operations described above are privileged under a new setup action called 'System Administration,' that should only be given to trusted system administration users. Swagger REST API documentation is available to users with the System Administration privilege.