Application Authorization Profiles
Purpose
Define which features a user can see and use
Application authorization profiles allow to define the level of access to the various application menus:
Those profiles can be assigned to teams or users to define what they can see and how they can interact with the application.
Combined with teams and device authorization profiles, application authorization profiles are a great way to manage user permissions
Application authorization Profiles UI
Manage Authorization profiles
To create or edit an application authorization profile's, press Create or select Edit in the table action menu to open the application authorization profile editor
Set the application authorization profile's parameters
You can delete a single application authorization profile or a group of them by either using the table action menu or the bulk delete button
Device Authorization Profiles
Purpose
Manage what devices a user can see and what he can do with them
Device authorization profiles allows to define visibility and permissions for a group of devices
This profile can be associated to a user or a team to define what device a user can see and which actions a user can do on the devices
The granularity of the authorizations is the group: The permissions set to a group applies to all its associated devices
Permissions can also be set on tags (Production, etc…) so you can apply different permissions within a group.
Combined with teams and application authorization profiles, device authorization profiles are a great way to manage user permissions
Device authorization Profiles UI
Manage device authorization profiles
To create or edit a device authorization profile, press Create or select Edit in the table action menu to open the device authorization profile editor
Set the device authorization profile parameters
You can delete a single device authorization profile or a group of them by either using the table action menu or the bulk delete button
Permissions
Global permissions
Permission | Description |
View | Must be set for all the devices belonging to the group to be visible |
Edit | Allows to modify devices properties |
Delete | Allows to delete a device |
Tag permissions will prevail over group permissions
Combined with global permission you can allow user to see everything, but only to edit a subset of items associated with a given group or tag
The privileges granted to an item will always be transfered to its childs, even if they are set with less privileges.
Example: