- Created by Phillip Hanegan on Aug 28, 2022
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
Version 1 Current »
EmpowerID restricts access to roles through the use of Management Roles. To work with roles, users must be assigned to the appropriate roles. Management Roles are prefixed by their function in EmpowerID and include the following:
UI — Management Roles prefixed with UI grant users access to specific UI elements in the EmpowerID Web interface.
VIS — Management Roles prefixed with VIS grant users the ability to see specific objects in EmpowerID.
ACT — Management Roles prefixed with ACT grant users the ability to manage specific objects in EmpowerID.
Roles needed to create, update and delete Management Roles
To create, update and delete Management Roles, users need to have a combination of the following Management Role assignments (based on the needed scope):
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Object-Administration | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-MyLocations | Grants visibility for all Management Roles in a person's locations. Visibility is needed to access the Action links related to Management Roles. | Visibility |
ACT-Management-Role-Object-Administration-MyLocations | Grants the ability to create, update, and delete Management Roles in a person's locations. | Activity |
VIS-Management-Role-Definition-All | Grants visibility for all Management Role Definitions in the system. | Visibility |
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Object-Administration | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-MyOrg | Grants visibility for all Management Roles in a person's organizations. Visibility is needed to access the Action links related to Management Roles. | Visibility |
ACT-Management-Role-Object-Administration-MyOrg | Grants the ability to create, update, and delete Management Roles in a person's organizations. | Activity |
VIS-Management-Role-Definition-All | Grants visibility for all Management Role Definitions in the system. | Visibility |
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Object-Administration | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-All | Grants visibility for all Management Roles in the system. Visibility is needed to access the Action links related to Management Roles. | Visibility |
ACT-Management-Role-Object-Administration-All | Grants the ability to create, update, and delete all Management Roles. | Activity |
VIS-Management-Role-Definition-All | Grants visibility for all Management Role Definitions in the system. | Visibility |
ACT-Management-Role-Definition-Object-Administration-All | Grants the ability to create, update, and delete all Management Role Definitions. | Activity |
Roles needed to manage role membership
To manage role membership, users need to have a combination of the following Management Role assignments (based on the needed scope):
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Membership-Management | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-MyLocations | Grants visibility for all Management Roles in a person's locations. | Visibility |
ACT-Management-Role-Membership-MyLocations | Grants the ability to manage the membership of Management Roles in a person's locations. | Activity |
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Membership-Management | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-MyOrg | Grants visibility for all Management Roles in a person's organizations. | Visibility |
ACT-Management-Role-Membership-MyOrg | Grants the ability to manage the membership of Management Roles in a person's organizations. | Activity |
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Membership-Management | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-All | Grants visibility for all Management Roles. | Visibility |
ACT-Management-Role-Membership-All | Grants the ability to manage the membership of all Management Roles. | Activity |
Roles needed to manage the RBAC delegations granted to roles
To manage the RBAC delegations of access granted to roles, users need to have a combination of the following Management Role assignments (based on the needed scope):
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Object-Administration | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-MyLocations | Grants visibility for all Management Roles in a person's locations. Visibility is needed to access the Action links related to Management Roles. | Visibility |
ACT-Management-Role-RBAC-Delegations-MyLocations | Grants the ability to manage RBAC delegations of access for all Management Roles in the person's locations | Activity |
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Object-Administration | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-MyOrg | Grants visibility for all Management Roles in a person's locations. Visibility is needed to access the Action links related to Management Roles. | Visibility |
ACT-Management-Role-RBAC-Delegations-MyOrgs | Grants the ability to manage RBAC delegations of access for all Management Roles in the person's organizations. | Activity |
Management Role | Access Granted by Management Role | Role Type |
|---|---|---|
UI-Management-Role-Object-Administration | Grants access to the user interfaces and workflows to create Person objects. | Feature Set — Inherits the below Access Levels from the parent Management Role Definition: PAGES AND CONTROLS ACCESS
WORKFLOW ACCESS
|
VIS-Management-Role-All | Grants visibility for all Management Roles. | Visibility |
ACT-Management-Role-RBAC-Delegations-All | Grants the ability to manage RBAC delegations of access for all Management Roles. | Activity |
IN THIS ARTICLE
- No labels