add overiew info to ios and node pages (#1025)

MongoCaleb · web-flow · commit ade77401e5cf · 2021-05-03T10:44:03.000-07:00
diff --git a/source/sdk/ios/advanced-guides/multi-user-applications.txt b/source/sdk/ios/advanced-guides/multi-user-applications.txt
@@ -12,6 +12,56 @@ Multi-User Applications - iOS SDK
    :depth: 2
    :class: singlecol
 
+
+The Realm SDK allows multiple :ref:`users <user-accounts>` to be logged in to an
+app simultaneously on a given device. {+service-short+} client applications run
+in the context of a single active user even if multiple users are logged in
+simultaneously. You can quickly switch between authenticated users without
+requiring them to log in again.
+
+.. important::
+   
+   **Any logged in user may become the active user without re-authenticating.**
+   Depending on your app, this may be a security vulnerability. For example, a
+   user on a shared device may switch to a coworker's logged in account without
+   providing their credentials or requiring their explicit permission. If your
+   application requires stricter authentication, avoid switching between users
+   and prefer to explicitly log the active user out before authenticating
+   another user.
+
+User Account States
+~~~~~~~~~~~~~~~~~~~
+
+When a user first logs in through a {+service-short+} SDK on a given device or
+browser, the SDK saves the user's information and keeps track of the user's
+state on the device. The user's data remains on the device, even if they log
+out, unless you actively :ref:`remove the user <dotnet-remove-user>`.
+
+The following states describe an on-device user at any given time:
+
+- **Authenticated:** any user that has logged in on the device
+  and has not logged out or had its session revoked.
+  
+  - **Active**: a single authenticated user that is currently using the
+    app on a given device. The SDK associates this user with outgoing
+    requests and {+backend-short+} evaluates data access permissions and runs
+    functions in this user's context. See :ref:`active user <active-user>` for
+    more information.
+   
+  - **Inactive**: all authenticated users that are not the current
+    active user. You can :ref:`switch the active user <dotnet-switch-user>` to a
+    currently inactive user at any time.
+
+- **Logged Out:** any user that authenticated on the device but
+  has since logged out or had their session revoked.
+
+The following diagram shows how users within a {+service-short+} client app
+transition between states when certain events occur:
+
+.. figure:: /images/multi-user.png
+   :alt: A diagram the outlines the different states a user can be in: logged out, logged in and active, & logged in and inactive.
+
+
 .. _ios-add-a-new-user-to-the-device:
 
 Add a New User to the Device
diff --git a/source/sdk/node/advanced/multi-user-applications.txt b/source/sdk/node/advanced/multi-user-applications.txt
@@ -12,6 +12,55 @@ Multi-User Applications - Node.js SDK
    :depth: 2
    :class: singlecol
 
+The Realm SDK allows multiple :ref:`users <user-accounts>` to be logged in to an
+app simultaneously on a given device. {+service-short+} client applications run
+in the context of a single active user even if multiple users are logged in
+simultaneously. You can quickly switch between authenticated users without
+requiring them to log in again.
+
+.. important::
+   
+   **Any logged in user may become the active user without re-authenticating.**
+   Depending on your app, this may be a security vulnerability. For example, a
+   user on a shared device may switch to a coworker's logged in account without
+   providing their credentials or requiring their explicit permission. If your
+   application requires stricter authentication, avoid switching between users
+   and prefer to explicitly log the active user out before authenticating
+   another user.
+
+User Account States
+~~~~~~~~~~~~~~~~~~~
+
+When a user first logs in through a {+service-short+} SDK on a given device or
+browser, the SDK saves the user's information and keeps track of the user's
+state on the device. The user's data remains on the device, even if they log
+out, unless you actively :ref:`remove the user <dotnet-remove-user>`.
+
+The following states describe an on-device user at any given time:
+
+- **Authenticated:** any user that has logged in on the device
+  and has not logged out or had its session revoked.
+  
+  - **Active**: a single authenticated user that is currently using the
+    app on a given device. The SDK associates this user with outgoing
+    requests and {+backend-short+} evaluates data access permissions and runs
+    functions in this user's context. See :ref:`active user <active-user>` for
+    more information.
+   
+  - **Inactive**: all authenticated users that are not the current
+    active user. You can :ref:`switch the active user <dotnet-switch-user>` to a
+    currently inactive user at any time.
+
+- **Logged Out:** any user that authenticated on the device but
+  has since logged out or had their session revoked.
+
+The following diagram shows how users within a {+service-short+} client app
+transition between states when certain events occur:
+
+.. figure:: /images/multi-user.png
+   :alt: A diagram the outlines the different states a user can be in: logged out, logged in and active, & logged in and inactive.
+
+
 .. _node-add-a-new-user-to-the-device:
 
 Add a New User to the Device
