User types and API Keys are associated with a set of permissions, each one enabling a feature or read/write capability on a specific object.
The following is a list of permits grouped according to the topic they are intended for.
Customer
| PERMISSION | DESCRIPTION |
|---|---|
| READ_CUSTOMER | Allows the user to read the customers' information. |
| WRITE_CUSTOMER | Allows the user to create and manage customers (ORGANIZATION, PARTNER), write customer's information (CUSTOMER). |
| DELETE_CUSTOMER | Allows the user to delete customers. |
| CUSTOMER_ACCOUNT_ADMINISTRATOR | Allows the user to manage the customer account. Applicable only to the user types of: CUSTOMER. |
| READ_ALL_CUSTOMERS | Allows the user to read all customers registered within the tenant. |
| IMPORT_CUSTOMERS | Allows administrative users to import customer data in a bulk way. Applicable only to the user types of: ORGANIZATION, PARTNER. |
Location
| PERMISSION | DESCRIPTION |
|---|---|
| READ_LOCATION | Allows the user to read the location's information. |
| WRITE_LOCATION | Allows the user to create and manage (ORGANIZATION, PARTNER), write location's information (CUSTOMER). |
| DELETE_LOCATION | Allows the user to delete locations. |
| IMPORT_LOCATIONS | Allows administrative users to import locations data in a bulk way. |
Thing
| PERMISSION | DESCRIPTION |
|---|---|
| READ_THING | Allows the user to read the things' information. |
| WRITE_THING | Allows the user to create and manage things. |
| DELETE_THING | Allows the user to delete things. |
| READ_ALL_THINGS | Allows the user to read all things of the tenant. |
| WRITE_THING_OPTION | Allows the user to set Thing's options. |
| WRITE_METRIC_VALUE | Allows the user to set a metric value. |
| DELETE_METRIC_VALUE | Allows the user to delete a metric value. |
| EXPORT_DATA | Allows the user to execute a bulk data export for the visible things. |
| WRITE_WORK_SESSION | Allows the user to manually create a work session. |
| REGISTER_THING | Allows the user to register new things without an owner. |
| WRITE_THING_ACTIVATION | Allows the user to activate a new thing. |
| READ_CLOUD_STATUS | Allows the service manager to read the thing cloud status. |
| WRITE_CLOUD_STATUS | Allows the service manager to change the thing cloud status. Applicable only to the user types of: ORGANIZATION. |
| READ_CERTIFICATE | Allows the administrator to read the thing certificates. Applicable only to the user types of: ORGANIZATION, PARTNER. |
| WRITE_CERTIFICATE | Allows the administrator the management of the thing certificates. Applicable only to the user types of: ORGANIZATION, PARTNER. |
| WRITE_SIM | Allows the user to verify and change the status of the SIM installed within the product. Applicable only to the user types of: ORGANIZATION. |
| READ_USER_AUTHORIZATION | Allows the user to read the user authorizations on customer's Things. Applicable only to the user types of: CUSTOMER. |
| WRITE_USER_AUTHORIZATION | Allows the user to read the user authorizations on customer's Things. Applicable only to the user types of: CUSTOMER. |
| RESET_USER_AUTHORIZATION | Allows the user to reset the user to thing authorizations. Applicable only to the user types of: CUSTOMER. |
| READ_RULE | Allows the user to read the thing's defined rules. |
| WRITE_RULE | Allows the user to write, manage and delete thing's defined rules. |
Thing Remote Control
| PERMISSION | DESCRIPTION |
|---|---|
| EXECUTE_THING_COMMAND | Allows the user to execute commands on the connected things. |
| SET_THING_PARAMETER | Allows the user to set configuration parameters to the connected things. |
| UPDATE_FIRMWARE | Allows the technichian to trigger firmware upates. |
| EXECUTE_BULK_UPDATE | Allows the user to perform a bulk update. |
| WRITE_RECIPE | Allows the user the edit recipes. |
| READ_TASK | Allows the user to read the task's information. |
| WRITE_TASK | Allows the user to create, manage and delete tasks. |
Thing Connection
| PERMISSION | DESCRIPTION |
|---|---|
| READ_CONNECTION_MAPPING | Allows the user to read connection mappings. |
| WRITE_CONNECTION_MAPPING | Allows the user to configure connection mappings. |
| READ_THING_CONNECTION_TOKENS | Allows the user to read the registered connection tokens. |
| WRITE_THING_CONNECTION_TOKENS | Allows the user to register new connection tokens. Applicable only to the user types of: ORGANIZATION, PARTNER. |
Event
| PERMISSION | DESCRIPTION |
|---|---|
| WRITE_ALERT_STATUS | Allows the user to acknoledge an event. |
| READ_ALERT_TROUBLESHOOTING_HISTORY | Allows the user to read the event troubleshooting history. |
| CLEAR_ALERT | Allows the user to clear manually an active event. |
Maintenance
| PERMISSION | DESCRIPTION |
|---|---|
| READ_MAINTENANCE_REGISTRY | Allows the user to read the maintenance registry. |
| WRITE_MAINTENANCE_REGISTRY | Allows the user to write the maintenance registry. |
Notifications
| PERMISSION | DESCRIPTION |
|---|---|
| RECEIVE_THING_ALERT_NOTIFICATIONS | Allows the user to receive notifications on activation and clearing of alerts. |
| RECEIVE_THING_WORK_SESSION_NOTIFICATIONS | Allows the user to receive notifications about starting and stopping work sessions. Applicable only to the user types of: CUSTOMER. |
Organization
| PERMISSION | DESCRIPTION |
|---|---|
| READ_ORGANIZATION | Allows the user to read the organization's information. Applicable only to the user types of: ORGANIZATION. |
| WRITE_ORGANIZATION | Allows the user to create and manage organizations. Applicable only to the user types of: ORGANIZATION. |
| DELETE_ORGANIZATION | Allows the user to delete organizations. Applicable only to the user types of: ORGANIZATION. |
| READ_ALL_ORGANIZATIONS | Allows the user to read all organizations registered within the tenant. |
| READ_ORGANIZATION_AUTHORIZATION | Allows the user to read organizations' authorizations. Applicable only to the user types of: ORGANIZATION. |
| WRITE_ORGANIZATION_AUTHORIZATION | Allows the user to manage organization' authorizations. Applicable only to the user types of: ORGANIZATION. |
Partner
| PERMISSION | DESCRIPTION |
|---|---|
| READ_PARTNER | Allows the user to read the partners' information. |
| WRITE_PARTNER | Allows the user to create and manage partners. |
| DELETE_PARTNER | Allows the user to delete partners. |
| READ_PARTNER_AUTHORIZATION | Allows the user to read partners' authorizations. |
| WRITE_PARTNER_AUTHORIZATION | Allows the user to manage partners' authorizations. Applicable only to the user types of: ORGANIZATION, PARTNER. |
| RECEIVE_PARTNER_AUTHORIZATION_UPDATE_NOTIFICATION | Allows the user to receive a notification on partner authorizations updates. |
Security
| PERMISSION | DESCRIPTION |
|---|---|
| READ_API_KEY | Allows the user to read the API Key configured on partner or customer entities. |
| WRITE_API_KEY | Allows the user to write, manage and delete API Keys. Applicable only to the user types of: ORGANIZATION. |
| READ_AUDIT | Allows the user to read audit for user activities and events. |
| WRITE_PAT | Allows the user to write personal access tokens. |
Testing
| PERMISSION | DESCRIPTION |
|---|---|
| READ_THING_TEST | Allows the user to read thing test sessions. |
| WRITE_THING_TEST | Allows the user to manage thing test sessions. |
| READ_CONNECTION_TEST | Allows the user to read the connection tests. Applicable only to the user types of: ORGANIZATION, PARTNER. |
| WRITE_CONNECTION_TEST | Allows the user to start connection tests. Applicable only to the user types of: ORGANIZATION, PARTNER. |
User
| PERMISSION | DESCRIPTION |
|---|---|
| READ_USER | Allows the user to read the users' information. |
| WRITE_USER | Allows the user to create, manage and delete users. |
| READ_ALL_USERS | Allows the user to read all users registered within the tenant. |
| READ_USER_PERMISSIONS | Allows the user to read other users' permissions. |
| WRITE_USER_PERMISSIONS | Allows the user to manage users' permissions. |
| NEVER_SUSPEND | Allows the user to never expire even if inactive for a long time. |
| WRITE_USER_STATUS | Allows the administrator to update the user status. |
| READ_GUEST_USER | Allows the user to read the invited guest users. |
| INVITE_GUEST_USER | Allows the user to invite new users. |
| WRITE_USER_NOTIFICATION_SETTINGS | Allows the user to edit notification preference of another user. Applicable only to the user types of: ORGANIZATION, PARTNER. |
Tagging
| PERMISSION | DESCRIPTION |
|---|---|
| WRITE_TAG | Allows the user to write tag definitions. |
| WRITE_THING_TAG | Allows the user to tag a thing. |
Store
| PERMISSION | DESCRIPTION |
|---|---|
| READ_ORDER | BUYER: allows the user to view all created orders. PROVIDER: allows the user to view all received orders. The Orders tab is visible on the Store page. |
| PLACE_ORDER | BUYER: allows the user to place an order.
The checkout button is available in the Cart tab of the Store page. Applicable only to the user types of: CUSTOMER, PARTNER. |
| WRITE_ORDER | PROVIDER: allows the user to add notes to an order or change the order status. Applicable only to the user types of: ORGANIZATION, PARTNER. |
| READ_SUBSCRIPTION | CUSTOMER: allows the user to access the list of subscriptions in the Store page. The Subscriptions tab is visible in the Store page. ORGANIZATION: allows the user to access the Subscription of a Thing or Customer. The Subscription tab is visible in the Thing or Customer editing page. |
| WRITE_SUBSCRIPTION | Allows the user to modify the subscription of a Thing or Customer. |
| READ_PAYMENTS | CUSTOMER: allows the user to read all payments made by himself.
The Payments tab is visible on the Store page.
ORGANIZATION: allows the user to read all payments associated with the visible Customers.
The Payments tab is visible on the Store page. Applicable only to the user types of: ORGANIZATION, CUSTOMER. |
| WRITE_PAYMENTS | Allows the user to modify a payment of a Customer. Applicable only to the user types of: ORGANIZATION. |
Spare Parts
| PERMISSION | DESCRIPTION |
|---|---|
| READ_SPARE_PART | Allows the user to read spare parts. |
| WRITE_SPARE_PART | Allows the user to write a spare part. |
| DELETE_SPARE_PART | Allows the user to delete a spare part. |
Product Models
| PERMISSION | DESCRIPTION |
|---|---|
| WRITE_PRODUCT_MODEL | Allows the user to write a product model. |
| DELETE_PRODUCT_MODEL | Allows the user to delete a product model. |
Consumable
| PERMISSION | DESCRIPTION |
|---|---|
| WRITE_CONSUMABLE_STOCK | Allows the customer user to manage the stock. |
Comments
0 comments
Please sign in to leave a comment.