Skip to main content
Version: 24.9

Additional considerations

Roles allow grouping different levels of access for various organizations and, at the same time, allow grouping different levels of access per module to manage them in a simplified way.

Multitenant environments

The roles of an organization allow configuring access and visibility for the users of the organization and also allow including permissions to configure access and visibility for dependent organizations.

An organization is dependent when:

  • It is of client type and the roles and users are in the partner-type organization at a higher level.
  • It is a sub-organization of a client organization.

Roles are assigned to users and contain the definition of levels of access and visibility, allowing different configurations for the root organization and its sub-organizations to be established within the same role. This can only be done in a downward manner; that is, from a higher-level organization, permissions can be assigned to the organization itself and the organizations that depend on it.

Access levels by modules

Access levels are also defined for each module of the solution:

Portal

In Portal, there are two roles available: User and Organization Administrator. The first allows viewing actions; and the second can activate or deactivate functionalities and make general-level changes.

To access certain functionalities, in addition to the user role in Portal, access to Workspaces is required, depending on the functionality, with role Level 1 or Level 2.

Available actions in each role:

FunctionalityActionOrganization AdminUser
ActivationsViewX
Operations logViewXX
MicroservicesCreateXOnly if it is L2 in Workspaces
MicroservicesViewXOnly if it is L1 or L2 in Workspaces
MicroservicesModifyXOnly if it is L2 in Workspaces
MicroservicesDeleteXOnly if it is L2 in Workspaces
Enabled microservicesViewXOnly if it is L1 or L2 in Workspaces
Enabled microservicesModifyXOnly if it is L2 in Workspaces
FlexxAgent ConfigurationViewXX
FlexxAgent ConfigurationModifyX
FlowsCreateXOnly if it is L2 in Workspaces
FlowsViewXOnly if it is L2 in Workspaces
FlowsModifyXOnly if it is L2 in Workspaces
IntegrationsCreateX
ModulesCreateX
ModulesViewX
ModulesModifyX
OperationsViewXOnly if it is L1 or L2 in Workspaces
Patch managementCreateXOnly if it is L2 in Workspaces
Patch managementViewXOnly if it is L1 or L2 in Workspaces
Patch managementModifyXOnly if it is L2 in Workspaces
Patch managementDeleteXOnly if it is L2 in Workspaces
PoliciesCreateX
PoliciesViewXX
PoliciesModifyX
PoliciesDeleteX
Reporting GroupsCreateX
Reporting GroupsViewX
Reporting GroupsModifyX
RolesCreateX
RolesViewX
RolesModifyX
RolesDeleteX
OrganizationsCreateX
OrganizationsViewX
OrganizationsModifyX
OrganizationsDeleteX
UsersCreateX
UsersViewX
UsersModifyX
UsersDeleteX
WorkspacesViewXOnly if it is L1 or L2 in Workspaces
Workspaces GroupsCreateX
Workspaces GroupsViewXOnly if it is L1 or L2 in Workspaces
Workspaces GroupsModifyX
Workspaces GroupsDeleteX

Workspaces

In Workspaces, there are two roles available: Level 1 and Level 2. The first allows the most common support actions, such as providing remote assistance, sending microservices, power actions, or querying device information, and the second includes all Level 1 support functionalities plus server, network, location, wifi network management, and alert configuration.

Available actions in each role:

FunctionalityActionLevel 1Level 1 Read OnlyLevel 2Level 2 Read Only
UX PanelViewXXXX
WorkspacesViewXXXX
WorkspacesExecute operationsXX
SessionsViewXXXX
SessionsExecute operationsXX
Connection LogsViewXXXX
JobsViewXXXX
JobsCancelXX
AlertsViewXXXX
AlertsDeactivateXX
Profile StorageViewXXXX
Profile StorageModifyXX
Profile StorageDeleteXX
Alert notification profilesViewXX
Alert notification profilesModifyX
Alert notification profilesDeleteX
Alert SubscriptionsViewXX
Alert SubscriptionsModifyX
Alert SubscriptionsDeleteX
Event LogViewXX
Event LogModifyX
Event LogDeleteX
LocationsViewXX
LocationsCreateX
LocationsModifyX
NetworksViewXX
NetworksModifyX
NotificationsViewXX
NotificationsCreateX
NotificationsModifyX
NotificationsDeleteX
Reporting GroupsViewXX
ServersViewXX
ServersExecute operationsX
Wireless networksViewXX
Wireless networksModifyX

Analyzer

Since Analyzer presents information and in no case allows modifications to the organization or its devices, it does not segment access to the functionalities it contains, therefore access is granted or not to users.

Therefore, the access options to Analyzer are

  • Access
  • No access