Skip to main content
Version: 26.6

Access levels

Roles allow grouping different levels of access for several organizations and, at the same time, allow grouping different levels of access by module to manage them in a simplified way.

Multiclient environments​

The roles of an organization allow configuring access and visibility for the users of the organization, and also allow including the permissions to configure access and visibility to dependent organizations.

An organization is dependent when:

  • It is client type and the roles and users are in the partner organization at a higher level.
  • It is a sub-organization of a client organization.

Roles are assigned to users and contain the definition of levels of access and visibility, being able to establish different configurations for the root organization and its sub-organizations in the same role. This can only be done in a descending manner; that is, from a higher-level organization, permissions can be assigned to the organization itself and the organizations that depend on it.

Levels of access by modules​

roles-permissions

The levels of access are also defined for each module of the solution:

Portal​

The following roles are distinguished in Portal:

  1. No access
  2. Organization Administrator or 1 in the table below
  3. Read-only organization administrator or 2 in the table below
  4. User or 3 in the table below
  5. L1 Support Team or 4 in the table below
  6. L1 Support Team read-only or 5 in the table below
  7. L2 Support Team or 6 in the table below
  8. L2 Support Team read-only or 7 in the table below
  9. L3 Engineering Team or 8 in the table below
  10. L3 Engineering Team Read Only or 9 in the table below
  11. Billing or 10 in the table below

To access certain functionalities, in addition to access permissions in Portal, access to Workspaces is required, depending on the functionality, with Level 1 or Level 2 role.

These role levels allow configuring visibility and segmented access according to the needs of each organization. The details of the visibility and actions available for each Portal access level are defined in the table below:

SectionFunctionalityAction12345678910
HomeReadβœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…
OperationsReadβœ…βœ…β­βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Audit LogsReadβœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…
FlowsReadβœ…βœ…β­βŒβŒβŒβŒβœ…βœ…βŒ
Createβœ…βŒβ­β­βŒβŒβŒβŒβœ…βŒβŒ
Updateβœ…βŒβ­β­βŒβŒβŒβŒβœ…βŒβŒ
Deleteβœ…βŒβ­β­βŒβŒβŒβŒβœ…βŒβŒ
ReportsListReadβœ…βœ…βŒβœ…βœ…βœ…βœ…βœ…βœ…βŒ
DetailReadβœ…βœ…βŒβœ…βœ…βœ…βœ…βœ…βœ…βŒ
Createβœ…βŒβŒβŒβŒβŒβŒβœ…βŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβœ…βŒβŒ
SettingsUpdateβœ…βŒβŒβŒβŒβŒβŒβœ…βŒβŒ
Create with AIReadβœ…βŒβœ…βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Createβœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Updateβœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Deleteβœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βŒ
TenantsCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βœ…
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
ActivationReadβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βœ…
MonitorActive alertsReadβœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Alert ConfigurationCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βœ…βŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
WorkspacesReadβœ…βœ…β­βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Updateβœ…βŒβœ…βœ…βŒβœ…βŒβœ…βŒβŒ
Deleteβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Workspace GroupsReadβœ…βœ…β­βœ…βœ…βœ…βœ…βœ…βœ…βŒ
Createβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Updateβœ…βŒβŒβœ…βŒβœ…βŒβœ…βŒβŒ
Deleteβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
PatchReadβœ…βœ…β­βŒβŒβŒβŒβœ…βœ…βŒ
Createβœ…βŒβ­β­βŒβŒβŒβŒβŒβŒβŒ
Updateβœ…βŒβ­β­βŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβ­β­βŒβŒβŒβŒβŒβŒβŒ
AnalyzerInstalled appsReadβœ…βœ…βœ…βŒβŒβœ…βœ…βœ…βœ…βŒ
Updateβœ…βŒβœ…βŒβŒβœ…βŒβœ…βŒβŒ
LicensesReadβœ…βœ…βŒβŒβŒβœ…βœ…βœ…βœ…βŒ
Createβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Updateβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Deleteβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
SAMReadβœ…βœ…βŒβŒβŒβœ…βœ…βœ…βœ…βŒ
MicroservicesCreateβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Readβœ…βœ…βœ…βŒβŒβœ…βœ…βœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
EnabledReadβœ…βœ…βœ…βŒβŒβœ…βœ…βœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
BillingReadβœ…βœ…βŒβŒβŒβŒβŒβŒβŒβœ…
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβœ…
ProductReadβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
ReportReadβœ…βœ…βœ…βŒβŒβŒβŒβœ…βœ…βŒ
EnvironmentReadβœ…βœ…βœ…βŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
BaselineReadβœ…βœ…βœ…βŒβŒβŒβŒβœ…βœ…βŒ
FlexxAgent ConfigurationReadβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
IntegrationsCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
WebhooksCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
ModulesCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
InformationReadβœ…βœ…βœ…βŒβŒβœ…βœ…βœ…βœ…βœ…
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
DirectivesCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βœ…βŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
API KeysCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Reporting GroupsCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
FlexxAgent ConfigurationReadβœ…βœ…βŒβŒβŒβŒβŒβŒβŒβŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Automatic UpdateUpdateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
FlexxAgent versionReadβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Magic linkCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
RolesCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβœ…βœ…βœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
UsersCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβœ…βœ…βœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
DaaSCreateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Readβœ…βœ…βŒβŒβŒβŒβŒβœ…βœ…βŒ
Updateβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
Deleteβœ…βŒβŒβŒβŒβŒβŒβŒβŒβŒ
info
  • βœ… Has access.
  • ⭐ Has access if additionally has L1 in Workspaces.
  • ⭐⭐ Has access if additionally has L2 in Workspaces.
  • ❌ No access.

Access Levels for Microservices

In microservices, the same roles are maintained as in Portal, but with specific access levels:

Microservices​

The user's role corresponds to the organization where the microservice was created.

Action12345678910
Clone / createβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Viewβœ…βœ…πŸ”‘βŒβŒβœ…βœ…βœ…βœ…βŒ
Editβœ…βŒπŸ’‘βŒβŒβœ…βŒβœ…βŒβŒ
Change to public or private❌❌❌❌❌❌❌❌❌❌
Edit visibility when privateβœ…βŒπŸ’‘βŒβŒβœ…βŒβœ…βŒβŒ
info
  • βœ… Has access.
  • πŸ”‘ Access is granted if additionally has L1 read-only access in Workspaces.
  • πŸ’‘ Access is granted if the author of the microservice.
  • ❌ No access.

Enabled microservices​

The user's role corresponds to the organization where the microservice was enabled or disabled.

Action12345678910
Enableβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Disableβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
Editβœ…βŒβŒβŒβŒβœ…βŒβœ…βŒβŒ
info
  • βœ… Has access.
  • ❌ No access.

Workspaces​

In Workspaces, there are four roles with different access levels available:

  • Level 1 or L1 in the table below
  • Level 1 read-only or L1 RO in the table below
  • Level 2 or L2 in the table below
  • Level 2 read-only or L2 RO in the table below

Available actions by each role:

FunctionalityActionL1L1 ROL2L2 RO
UX PanelViewβœ…βœ…βœ…βœ…
WorkspacesViewβœ…βœ…βœ…βœ…
WorkspacesExecute operationsβœ…βŒβœ…βŒ
SessionsViewβœ…βœ…βœ…βœ…
SessionsExecute operationsβœ…βŒβœ…βŒ
Connection LogsViewβœ…βœ…βœ…βœ…
JobViewβœ…βœ…βœ…βœ…
JobCancelβœ…βŒβœ…βŒ
AlertViewβœ…βœ…βœ…βœ…
AlertOffβœ…βŒβœ…βŒ
Profile StorageViewβœ…βœ…βœ…βœ…
Profile StorageUpdateβœ…βŒβœ…βŒ
Profile StorageDeleteβœ…βŒβœ…βŒ
Alert notification profilesViewβŒβŒβœ…βœ…
Alert notification profilesUpdateβŒβŒβœ…βŒ
Alert notification profilesDeleteβŒβŒβœ…βŒ
Alert SubscriptionsViewβŒβŒβœ…βœ…
Alert SubscriptionsUpdateβŒβŒβœ…βŒ
Alert SubscriptionsDeleteβŒβŒβœ…βŒ
Event LogsViewβŒβŒβœ…βœ…
Event LogsUpdateβŒβŒβœ…βŒ
Event LogsDeleteβŒβŒβœ…βŒ
LocationsViewβŒβŒβœ…βœ…
LocationsCreateβŒβŒβœ…βŒ
LocationsUpdateβŒβŒβœ…βŒ
NetworksViewβŒβŒβœ…βœ…
NetworksUpdateβŒβŒβœ…βŒ
NotificationsViewβŒβŒβœ…βœ…
NotificationsCreateβŒβŒβœ…βŒ
NotificationsUpdateβŒβŒβœ…βŒ
NotificationsDeleteβŒβŒβœ…βŒ
Reporting GroupsViewβŒβŒβœ…βœ…
ServersViewβŒβŒβœ…βœ…
ServersExecute operationsβŒβŒβœ…βŒ
WiFi NetworksViewβŒβŒβœ…βœ…
WiFi NetworksUpdateβŒβŒβœ…βŒ
info
  • βœ… Has access.
  • ❌ No access.

Analyzer​

The Analyzer module does not allow modifications to the organization or its devices, nor does it segment the functionalities it contains.

Therefore, there are two options:

  • You have access.
  • You don't have access.