...
In summary here is a metaphor... we used to have SQL credentials in multiple places, then we made an external system layer to re-use that. This suggested is similar. Have a data layer that can we re-used across things. Includes real-time updates, security, and data manipulation configured centrally... why? if we want to be ABAC and data field-based, we need to organize our data fields
Miscellaneous
How to only load active people or people who change
Data field security (privacy level)
...
- id (234)
- system_name (emailAddress)
- display_name (Email)
- data_type (boolean, string, integer)
- type (user)
- multi_valued? false
- description
- privacy_level_id 058
- is_identifier? true
- access_related? false
- stored_locally? true
- stored_in_pit? true
- pit_retenionretention: 5 * 365
- group_can_see: ref:staff
- from_sole_source: my_people
- calculated: false
- dynamic: false
- case sensitive?
- id (567)
- system_name (org)
- display_name (Org)
- data_type (boolean, string, integer)
- type (row)
- multi_valued: true
- description
- privacy_level_id 058
- is_identifier? false
- access_related? true
- stored_locally? true
- pit_retention: 5*365
- group_can_see: ref:powerUsers
- from_sole_source: my_payroll
- calculated: false
- dynamic: false
...