Skip to content

Add authentication sub-namespace to user #1146

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 22 commits into from
Closed

Add authentication sub-namespace to user #1146

Show file tree
Hide file tree
Changes from 19 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
c809107
Add user.anonymous_id
heyams Jun 11, 2024
1eb9c37
Format
heyams Jun 11, 2024
1fd2648
Update changelog
heyams Jun 11, 2024
db88ea7
Autogenerate changelog and markdown
heyams Jun 11, 2024
58a1096
Add note to user.anonymous_id
heyams Jun 12, 2024
3dfb971
Update anonymous_id brief
heyams Jun 13, 2024
6731337
Comment
heyams Jul 17, 2024
f2c4782
Update markdown
heyams Jul 22, 2024
6419885
Merge branch 'main' into heya/add-anonymous-user-id
trisch-me Jul 29, 2024
c80b910
Update user with subnamespace authentication
heyams Aug 6, 2024
a47e5cd
Merge branch 'heya/add-anonymous-user-id' of https://github.com/heyam…
heyams Aug 6, 2024
53a121c
Update markdown
heyams Aug 6, 2024
04f56e1
Merge branch 'main' into heya/add-anonymous-user-id
heyams Aug 6, 2024
1bc5f88
Update generate identity markdown
heyams Aug 6, 2024
8c81fd1
Merge branch 'heya/add-anonymous-user-id' of https://github.com/heyam…
heyams Aug 6, 2024
443f497
Update changelog
heyams Aug 6, 2024
63af008
Fix yamllint
heyams Aug 6, 2024
615ff2c
Fix make command error
heyams Aug 6, 2024
81d6360
Update id
heyams Aug 6, 2024
bf8e35e
Address comments
heyams Aug 8, 2024
6f7dc08
Fix yamllint
heyams Aug 8, 2024
5a6d337
Update user.hash referrence to user.authentication.id everywhere
heyams Aug 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .chloggen/add_authentication_user_subnamespace.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Use this changelog template to create an entry for release notes.
#
# If your change doesn't affect end users you should instead start
# your pull request title with [chore] or use the "Skip Changelog" label.

# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
change_type: 'enhancement'

# The name of the area of concern in the attributes-registry, (e.g. http, cloud, db)
component: user

# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
note: introduce a new subnamespace `authentication` under `user` with a new attribute `user.authentication.id`

# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
# The values here must be integers.
issues: [1104]

# (Optional) One or more lines of additional information to render under the primary note.
# These lines will be padded with 2 spaces and then inserted directly into the document.
# Use pipe (|) for multiline entries.
subtext: Update `identity` attributes under general attribute doc.
19 changes: 11 additions & 8 deletions docs/attributes-registry/user.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,16 @@

Describes information about the user.

| Attribute | Type | Description | Examples | Stability |
| ---------------- | -------- | ---------------------------------------------------------------------------- | -------------------------------------------------- | ---------------------------------------------------------------- |
| `user.email` | string | User email address. | `[email protected]` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.full_name` | string | User's full name | `Albert Einstein` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.hash` | string | Unique user hash to correlate information for a user in anonymized form. [1] | `364fc68eaf4c8acec74a4e52d7d1feaa` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.id` | string | Unique identifier of the user. | `S-1-5-21-202424912787-2692429404-2351956786-1000` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.name` | string | Short name or login/username of the user. | `a.einstein` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.roles` | string[] | Array of user roles at the time of the event. | `["admin", "reporting_user"]` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| Attribute | Type | Description | Examples | Stability |
| ------------------------ | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | ---------------------------------------------------------------- |
| `user.authentication.id` | string | Unique identifier of an authenticated user in the system. | `S-1-5-21-202424912787-2692429404-2351956786-1000` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.email` | string | User email address. | `[email protected]` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.full_name` | string | User's full name | `Albert Einstein` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.hash` | string | Unique user hash to correlate information for a user in anonymized form. [1] | `364fc68eaf4c8acec74a4e52d7d1feaa` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.id` | string | Identifier of a user who interacts with a system. This identifier may be unique only through best-effort means and does not imply that the user is authenticated to the system. [2] | `QdH5CAWJgqVT4rOr0qtumf` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.name` | string | Short name or login/username of the user. | `a.einstein` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| `user.roles` | string[] | Array of user roles at the time of the event. | `["admin", "reporting_user"]` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |

**[1]:** Useful if `user.id` or `user.name` contain confidential information and cannot be used.

**[2]:** It can be a random guid or a hash of the user's IP address. This is different from `user.hash` which is a hash of a known `user.id` or `user.name`.
5 changes: 2 additions & 3 deletions docs/general/attributes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -409,9 +409,8 @@ These attributes may be used for any operation with an authenticated and/or auth

| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
|---|---|---|---|---|---|
| [`enduser.id`](/docs/attributes-registry/enduser.md) | string | Deprecated, use `user.id` instead. | `username` | `Recommended` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Replaced by `user.id` attribute. |
| [`enduser.role`](/docs/attributes-registry/enduser.md) | string | Deprecated, use `user.roles` instead. | `admin` | `Recommended` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Replaced by `user.roles` attribute. |
| [`enduser.scope`](/docs/attributes-registry/enduser.md) | string | Deprecated, no replacement at this time. | `read:message, write:files` | `Recommended` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Removed. |
| [`user.authentication.id`](/docs/attributes-registry/user.md) | string | Unique identifier of an authenticated user in the system. | `S-1-5-21-202424912787-2692429404-2351956786-1000` | `Recommended` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
| [`user.roles`](/docs/attributes-registry/user.md) | string[] | Array of user roles at the time of the event. | `["admin", "reporting_user"]` | `Recommended` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |


<!-- markdownlint-restore -->
Expand Down
10 changes: 5 additions & 5 deletions model/general.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,13 @@ groups:
- id: identity
type: span
brief: >
These attributes may be used for any operation with an authenticated and/or authorized enduser.
These attributes may be used for any operation with an authenticated and/or authorized user.
note: >
`enduser` namespace has been deprecated. When `user.authentication.id` is present, it is strongly recommended to provide `user.id` as well.
attributes:
- ref: enduser.id
- ref: user.authentication.id
requirement_level: recommended
- ref: enduser.role
requirement_level: recommended
- ref: enduser.scope
- ref: user.roles
requirement_level: recommended
- id: thread
type: span
Expand Down
9 changes: 8 additions & 1 deletion model/registry/user.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,15 @@ groups:
type: string
stability: experimental
brief: >
Unique identifier of the user.
Identifier of a user who interacts with a system. This identifier may be unique only through best-effort means and does not imply that the user is authenticated to the system.
note: >
It can be a random guid or a hash of the user's IP address. This is different from `user.hash` which is a hash of a known `user.id` or `user.name`.
examples: ['QdH5CAWJgqVT4rOr0qtumf']
- id: user.authentication.id
type: string
brief: "Unique identifier of an authenticated user in the system."
examples: ['S-1-5-21-202424912787-2692429404-2351956786-1000']
stability: experimental
- id: user.name
type: string
stability: experimental
Expand Down