RapidIdentity uses Roles to manage access and authorization across modules and their respective components. They can be viewed as labels for directory groups that share similar privileges.
Table 33. Roles
Module | Role | Privileges |
|---|
Connect | Connect Admin | Can see all Connect module information Can do all things related to files, jobs, logs, and status Can do all things related to action sets
NoteThe System Admin and Tenant Admin roles have these privileges as well. |
Connect Auditor | Can view and export files, jobs, and logs Can view and export action sets Can view details of existing RESTPoints, OAuth1 Consumers, and OAuth2 Credentials
|
Connect Operator | Can see all Connect module information Can do all things related to files, jobs, logs, and status Can view, export, and run Action Sets Can view details of existing RESTPoints, OAuth1 Consumers, and OAuth2 Credentials
|
Reports | Portal Reporting Admin | Can see all Reports module information Can create and run reports, along with the ability to export, import, and modify reports
|
Portal Reporting Manager | |
Portal Reporting Viewer | Can only view and run saved Reports module reports |
Studio | Studio Admin | |
Studio Operator | |
Studio Auditor | |
System | API Developer | Allows access to the embedded RapidIdentity API documentation. See RapidIdentity Developer Guides. Allows location of an API endpoint that could be called from a custom UI, a Connect Action Set, or wherever web services requests can be generated
since version 2019.8.13 |
Tenant Admin | System role that enables configuration of an IDaaS tenant instance Can enable and disable an Identity Automation employee (e.g., Support Engineer) to log in to the IDaaS environment as a system administrator
NoteThis configuration is a special use case. See Tenant for more details.Tenant Login since version 2019.8.13 |
Portal Administrator | NoteThis role alone cannot access the Configuration module. |