Multiple User accounts working as a team - trying to find docs to read

Greetings,
I’m not sure that I have categorized this post very well.
I have 6 particle devices that we will install in alpha customer locations. The installer will need an account to set up the wifi and the customer will need an account to monitor the operation. Of course I will need access as admin.
I guess I am using all the wrong search terms for docs on this. Any guidance or links would be great.
Kirk

PS Limited success - I just found this.
https://docs.particle.io/tutorials/product-tools/team-access-controls/

However it is not clear in this doc that you need to create a “product” Then the console changes its look to be like the document.

I still do not understand how to create a “customer” for my “product” The “customer” would be able to see and adjust the device.

Still looking for relevant docs.

The first decision you need to make how you want the customer to interact with your service.

  • Using a mobile app using Particle authentication
  • Entirely through your service, through a web app with your own authentication system
  • Through a mobile app using your own authentication system

The first option is more common when using the Photon or P1 as the Particle Device Setup SDK provides the setup flow to drop into your own application, and allows the user to configure their own Wi-Fi. However, the device setup SDK cannot be used with the Argon.

The second option is most common for cellular devices, because there is no need to set up Wi-Fi, and it’s typically easier to build a generic web app.

For your use case with an installer, it falls in between the two, you could go either way.

If you decide to use Particle authentication you will want to use customer claiming. And with customer claiming, you can either use simple auth, which really is only applicable for a mobile app, or two-legged shadow customers, which work for web app or mobile app. With two-legged shadow customers, you handle user management in your own back-end but generate an access token that allows the user to directly call the Particle API on behalf of their device.

However, rather than have a web app or mobile app directly call the Particle API with a customer access token, it may make more sense to just implement the Particle API calls from your own back-end. The advantage of this method is that you need much less Particle-specific code in your web app or mobile app, which usually makes it much easier to find a developer. All of your Particle API implementation is isolated to a small part of your back-end.