- Products ProductsLocation Services
Solve complex location problems from geofencing to custom routing
PlatformCloud environments for location-centric solution development, data exchange and visualization
Tracking & PositioningFast and accurate tracking and positioning of people and devices, indoors or outdoors
APIs & SDKsEasy to use, scaleable and flexible tools to get going quickly
Developer EcosystemsAccess Location Services on your favorite developer platform ecosystem
- Documentation
- Pricing
- Resources ResourcesTutorials TutorialsExamples ExamplesBlog & Release Announcements Blog & Release AnnouncementsChangelog ChangelogDeveloper Newsletter Developer NewsletterKnowledge Base Knowledge BaseFeature List Feature ListSupport Plans Support PlansSystem Status System StatusLocation Services Coverage Information Location Services Coverage InformationSample Map Data for Students Sample Map Data for Students
Group workflows
The HERE platform allows you to work in teams using groups. Organization and group admins can create and manage groups, add or remove apps, and add or remove users to or from a group.
The platform uses groups to manage pipeline access to layers. Apps can only write to output layers if they are part of an authorized group. For more information, see the Identity & Access Management Guide.
The OLP CLI provides tools for managing groups, such as:
- Create a new group
- Add an app to a group
- Add an admin user to a group
- Grant group permissions for a catalog
- Revoke group permissions for a catalog
- Delete a group
For more details, see group commands.
Create a new group
Follow the steps below to create a new group.
-
Enter the
olp group createcommand.olp group create olpcli-test-group-workflow -
To verify the group is available, enter the
olp group listcommand.olp group list olpcli-test-group-workflowThe command displays the following results.
Available groups: ID name GROUP-221718b7-926f-4a9c-940c-6a4a221002ff olpcli-test-group-workflow
Add an app to a group
Follow the steps below to add an app to a group.
-
Take an app id from
credentials.propertiesfile.... here.client.id = N5Rwwo7vCbKZ5LkNeJfO ...For information on how to obtain your access credentials, see the Credentials setup chapter.
-
Enter the
olp group member addcommand.LinuxWindowsolp group member add GROUP-221718b7-926f-4a9c-940c-6a4a221002ff \ --app N5Rwwo7vCbKZ5LkNeJfOolp group member add GROUP-221718b7-926f-4a9c-940c-6a4a221002ff ^ --app N5Rwwo7vCbKZ5LkNeJfO -
To verify the app is added, enter the
olp group member listcommand.olp group member list GROUP-221718b7-926f-4a9c-940c-6a4a221002ffThe command displays the following results.
Available group members: type HRN ID name app hrn:here-cn:account::org:app/N5Rwwo7vCbKZ5LkNeJfO N5Rwwo7vCbKZ5LkNeJfO olp-cli-app
Make a user a group admin
Follow the steps below to make a user a group admin.
-
Take a user id from
credentials.propertiesfile.... here.user.id = HERE-3c30a9c3-e75d-4c54-ad5c-eac9b3809608 ...For information on how to obtain your access credentials, see the Credentials setup chapter.
-
Enter the
olp group admin addcommand.LinuxWindowsolp group admin add GROUP-221718b7-926f-4a9c-940c-6a4a221002ff \ --user HERE-3c30a9c3-e75d-4c54-ad5c-eac9b3809608olp group admin add GROUP-221718b7-926f-4a9c-940c-6a4a221002ff ^ --user HERE-3c30a9c3-e75d-4c54-ad5c-eac9b3809608 -
To verify the user is an admin, enter the
olp group admin listcommand.olp group admin list GROUP-221718b7-926f-4a9c-940c-6a4a221002ffThe command displays the following results.
{% codesnippet language="bash" %}
type HRN ID name
user {{book.filtered.hrnPrefix}}:account::org:user/HERE-3c30a9c3-e75d-4c54-ad5c-eac9b3809608 HERE-3c30a9c3-e75d-4c54-ad5c-eac9b3809608 John Doe
{% endcodesnippet %}
Grant group permission for a catalog
Use your own pre-created catalog. For more information on creating catalogs, see the olp catalog create command.
To share a catalog with a specific group, enter the olp catalog permission grant command.
Linux
Windows
olp catalog permission grant hrn:here-cn:data::org:olpclitestcatalog \
--group GROUP-221718b7-926f-4a9c-940c-6a4a221002ff --read --writeolp catalog permission grant hrn:here-cn:data::org:olpclitestcatalog ^
--group GROUP-221718b7-926f-4a9c-940c-6a4a221002ff --read --writeThe command displays the following results.
Granted access for a group GROUP-221718b7-926f-4a9c-940c-6a4a221002ff to catalog hrn:here-cn:data::org:olpclitestcatalog
Revoke group permission for a catalog
To remove catalog access from a group, enter the olp catalog permission revoke command.
Linux
Windows
olp catalog permission revoke hrn:here-cn:data::org:olpclitestcatalog \
--group GROUP-221718b7-926f-4a9c-940c-6a4a221002ffolp catalog permission revoke hrn:here-cn:data::org:olpclitestcatalog ^
--group GROUP-221718b7-926f-4a9c-940c-6a4a221002ffThis command displays the following results.
Revoked access for group GROUP-221718b7-926f-4a9c-940c-6a4a221002ff to catalog hrn:here-cn:data::org:olpclitestcatalog
Delete a group
Enter the olp group delete command and specify the group ID.
olp group delete GROUP-221718b7-926f-4a9c-940c-6a4a221002ff
The command displays the following results.
Group GROUP-221718b7-926f-4a9c-940c-6a4a221002ff has been deleted
To get a full list of available commands, enter olp --help.
