When you first register an account in Assertiv, the "Sign-up User" has full administration rights to the organization. For very small organizations there may only need to be one person responsible for administering the system. However, most organizations will want to delegate parts of the administration to other people in the organization. For example, there may be certain people who should be able to manage user accounts and others who have the responsibility of configuring the Applications that your users have access to.
Assertiv has a fine-grained permissions model that can grant access to the API which drives the administration user interface. Access to these API functions also enables parts of the user interface that would otherwise not be available for a standard user. Because the model is so fine-grained, there are many combinations of Roles that you could create to delegate the administration functions. To assist you, we have come up with a basic set of Roles you can use to achieve this. You can create one or more of these roles yourself in the Roles section Assertiv, by adding the permissions that we describe below. Just use the search bar to find the correct ones.
User Management: Read Only
Assigning this role to a user grants access to the User Management section. This might be used for Helpdesk staff. The user can view the details of any user in the organization, including their roles and permissions., but no changes can be made to any of the user's details.
Permissions:
- Assertiv API: Users: Allows listing of all users in the organization
- Assertiv API: Users: Allows retrieval of any user in the organization
- Assertiv API: Roles: Allows listing of a subset of roles given the ids
- Assertiv API: Permissions: Allows retrieval of a user's permissions
User Management: Full Access
This role would give someone complete access to the User Management section, including the ability to add and remove roles from any user (including themselves).
Permissions:
- Assertiv API: Users: Users: Allows listing of all users in the organization
- Assertiv API: Users: Users: Allows retrieval of any user in the organization
- Assertiv API: Users: Users: Allows creation of a user in the organization
- Assertiv API: Users: Users: Allows updating of a user in the organization
- Assertiv API: Users: Users: Allows deleting of a user in the organization
- Assertiv API: Users: Permissions: Allows retrieval of a user's permissions
- Assertiv API: Users: Roles: Allows listing of all roles in the organization
- Assertiv API: Users: Users: Allows addition of roles to a user
- Assertiv API: Users: Users: Allows removal of roles from a user
Role Management: Read Only
- Assertiv API : Roles: Allows listing of all roles in the organization
- Assertiv API : Roles: Allows retrieval of any role in the organization
- Assertiv API : Users: Allows listing of all users with a given role
Role Management: Full Access
- Assertiv API : Roles: Allows updating of a role
- Assertiv API : Roles: Allows creation of a role
- Assertiv API : Roles: Allows deleting of a role
- Assertiv API : Roles: Allows listing of all roles in the organization
- Assertiv API : Roles: Allows retrieval of any role in the organization
- Assertiv API : Roles: Allows updating of permissions to a role
- Assertiv API: Users: Allows listing of all users in the organization
- Assertiv API : Users: Allows listing of all users with a given role
- Assertiv API: Users: Allows addition of roles to a user
- Assertiv API: Users: Allows removal of roles from a user
- Assertiv API: Permissions: Allows retrieval of a user's permissions
- Assertiv API: Permissions: Allows retrieval of all permissions for the organization