diff --git a/en/asgardeo/docs/references/user-management/user-roles.md b/en/asgardeo/docs/references/user-management/user-roles.md index 0d3339be79..acbceaee46 100644 --- a/en/asgardeo/docs/references/user-management/user-roles.md +++ b/en/asgardeo/docs/references/user-management/user-roles.md @@ -2,7 +2,7 @@ Roles determine permissions for accessing Asgardeo resources such as functionalities in the Asgardeo Console and underline REST APIs. -The following roles, available by default, determine the options available for privileged users in the Asgardeo Console. +We offer some default roles within the Asgardeo console to tailor the organization administrator’s access, limiting their Console experience to only the resources essential for their role. As an organzation Administrator/Owner, you can the given assign roles to other admins to access the Asgardeo console with limited access. !!! note @@ -39,335 +39,284 @@ The following roles, available by default, determine the options available for p -The following tables elaborate all the permissions enabled for the default roles available for the Asgardeo Console. +The permissions associated with each role are outlined below. In the table, If a particular permission is not mentioned to a role, administrators with that role will not have access to that section of the Asgardeo Console. -## Users - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AdministratorAuditorEditor - ApplicationsViewer - ApplicationsEditor - UsersViewer - UsersEditor - Connections
View users✔️✔️✔️✔️✔️✔️✖️
Onboard users✔️✖️✖️✔️✖️✖️✖️
Update user profiles✔️✖️✖️✖️✔️✖️✖️
Delete users✔️✖️✖️✖️✔️✖️✖️
View groups✔️✔️✔️✔️✔️✔️✖️
Create groups✔️✖️✖️✖️✔️✖️✖️
Update and delete groups✔️✖️✖️✖️✔️✖️✖️
View assigned users to groups✔️✔️✔️✔️✔️✔️✖️
Assign users to groups✔️✖️✖️✖️✔️✖️✖️
+??? example "Administrator" -
+ Administrator has read/write access to all the resources in the Asgardeo Console -## Roles +??? example "Auditor" + + Auditor has read-only access to all the resources in the Asgardeo Console - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AdministratorAuditorEditor - ApplicationsViewer - ApplicationsEditor - UsersViewer - UsersEditor - Connections
Create roles✔️✖️✔️✖️✔️✖️✖️
Delete roles✔️✖️✔️✖️✔️✖️✖️
Update role settings✔️✖️✔️✖️✔️✖️✖️
Onboard users to roles✔️✖️✔️✖️✔️✖️✖️
Onboard groups to roles✔️✖️✔️✖️✔️✖️✖️
View roles✔️✔️✔️✔️✔️✔️✖️
View users and groups assigned to roles✔️✔️✔️✔️✔️✔️✖️
+??? example "Editor - Applications" -
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
-## Applications -
ResourcesSub-sectionRead/Write accessRead access only
Applications✔️
Connections✔️
API Resources✔️
Branding✔️
User ManagementUsers️✔️
User ManagementGroups️✔️
User ManagementRoles️✔
User Attributes & StoresAttributes️✔
User Attributes & StoresAttributes >> Scopes ️️✔
Organizations✔️
Login & Registration️✔
Actions️✔
Events️✔
Logs️Diagnostic logs️✔️
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AdministratorAuditorEditor - ApplicationsViewer - ApplicationsEditor - UsersViewer - UsersEditor - Connections
View apps and app settings✔️✔️✔️✔️✖️✖️✖️
Register, update and delete apps✔️✖️✔️✖️✖️✖️✖️
+??? example "Viewer - Applications" -
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ResourcesSub-sectionRead/Write accessRead access only
Applications✔️
Connections✔️
API Resources
Branding️✔
User ManagementUsers️✔️
User ManagementGroups️✔️
User ManagementRoles️️✔
User Attributes & StoresAttributes️✔
User Attributes & StoresAttributes - Scopes ️️
Organizations✔️
Login & Registration️✔
Actions️✔
Events️✔
Logs️Diagnostic logs️✔️
+
-## Connections -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AdministratorAuditorEditor - ApplicationsViewer - ApplicationsEditor - UsersViewer - UsersEditor - Connections
View connections and connection settings✔️✔️✔️✔️✖️✖️✖️
Create, update and delete connections✔️✖️✖️✖️✖️✖️✔️
+??? example "Editor - Users" -
+ + + + + + + + + + + + + + + + + + + + + + + + + +
ResourcesSub-sectionRead/Write accessRead access only
User ManagementUsers️️✔
User ManagementGroups️✔️
User ManagementRoles️✔
+
+ + +??? example "Viewer - Applications" + +
+ + + + + + + + + + + + + + + + + + + + + + + + +
ResourcesSub-sectionRead/Write accessRead access only
User ManagementUsers️️️✔
User ManagementGroups️️️✔
User ManagementRoles️️✔
+
+ +??? example "Editor - Connections" + +
+ + + + + + + + + + + + +
ResourcesSub-sectionRead/Write accessRead access only
Connections️️
+
-## Attributes and scopes -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AdministratorAuditorEditor - ApplicationsViewer - ApplicationsEditor - UsersViewer - UsersEditor - Connections
View attributes✔️✔️✔️✔️✖️✖️✔️
Create, update and delete new attributes✔️✖️✖️✖️✖️✖️✖️
View scopes✔️✔️✔️✔️✖️✖️✔️
Add new attributes to scopes✔️✖️✔️✖️✖️✖️✖️
Update and delete scopes✔️✖️✔️✖️✖️✖️✖️
-