Secure Access administrative user interface has its own security settings. You can specify permissions for particular users (administrators or developers) so that they can manage only particular sections, such as users, applications, auditing log, etc. The following table contains description of those permissions:
Secure Access Administrative User Interface Permissions
Application part | Permissions |
---|---|
Applications (including management of application parts, permission types, roles and permission matrix) |
|
Auditing Log |
|
Catalog Settings |
|
Custom Properties Definition |
|
Organizational Units |
|
User Groups |
|
Users |
|
There are predefined typical roles for Secure Access administration with following permissions:
Secure Access Roles
Role | Description |
---|---|
Secure Access Administrator |
Administrator can manage everything. |
Secure Access Application Administrator |
Application administrator manages list of applications and their properties, as well as permissions. |
Secure Access Auditing Log Administrator |
Auditing log administrator can read and delete all auditing log records. |
Secure Access Catalog Administrator |
Catalog administrator can manage catalog settings. |
Secure Access Object Schemas Administrator |
Object schemas administrator can manage custom properties for all object types (user, user groups, etc.). |
Secure Access Operators Administrator |
Operators administrator manages all users, groups and organizational units and their members. |
Secure Access Reader |
Reader can read all information in the Secure Access catalog but cannot modify them. |
Delegation feature allows administrators to delegate other users (such as managers or team leaders) manage particular items by themselves. The delegation can be used for management of user group members, organizational unit members, role members and for management of permissions for particular application or application part.
You can modify delegated users in the "Delegated Users" section in user group/role/organizational units/application/application part details dialog.