2022-07-05: CE - Identity and Access Management (IAM)

User types

For a tenant, there are two types of users available: customers and employees of that tenant.

Employee groups

Employee groups aggregate employees of a tenant that share the same access control within a particular service and resource. By assigning an employee to a particular group, you grant them a specific access control level. Access controls are applied to both the Emporix Management Dashboard and the APIs through scopes. To learn more about scopes, check out the Authorization and scopes guide.

Access controls and access control templates

Access controls combine both resources and roles. For example, a user with a manager role can view, create, delete, and edit resources within a service. You can use access control templates that contain predefined settings for roles. For more information, check out Access control templates in the Identity and access management (IAM) guide.

Resources

Objects within Emporix API services, for example area and time resources in the Delivery Service.

Roles

Roles encapsulate predefined permissions that allow users to perform actions on resources within services. For example, a user with a contributor role can create, view, and edit resources within a service, but cannot delete them.

Permissions

Permissions define what actions a user with a specific role can perform on resources within services. For example, a service might have permissions to perform the following actions on a resource: view, create, delete, and edit.

Localized fields

When creating or updating a group, permission, or role, you can specify its name and description in multiple languages.