Backend user access management

Backend user roles

Customer roles are mostly seprarated into three categories:

  • read-only
  • write

User roles are subject to inheritance (see last section).

Read-only roles

These roles only allow one to read information from the backend. These users will be able to access most of the information but not to modify anything.

Examples of read-only roles: CUSTOMER[R], DEVICE MANAGER[R]

Read-only roles allow to:

Read a device information page, read device messages.

Write roles

Write roles are to be considered as administrator roles. They will allow accessing and modifying of all information.

These are to be granted to trusted users, regarded as administrators in your group.

Examples of read & write roles: CUSTOMER[W], DEVICE MANAGER[W]

Write roles allow to:

Register or move devices, create and edit callbacks, access a device's PAC.

Role inheritance

If a customer has been granted a role on a group, he will inherit the same role for each and any of its child groups. Distinct and parent groups are, of course, not subject to inheritance.

Let's take a concrete example:

Optional roles

Optional roles allow adding a specific capability to an existing account. These roles are identified with the "OPT_" prefix.

Please be advised that granting only an optional role to a user will create an account that the user will not be able to use to log in.

Same goes for API accesses: it will be created but will not be able to access any resource.

Can't find what you're looking for ?

Have questions? Our worldwide Community of expert fans can answer them.
Have answers? Join the Community and help!

slack logo

Ask the community >