System Defined Roles
System defined roles are provided by AE and have predefined permissions. You cannot modify or delete the roles, or the permissions assigned to the roles.
You can only view the permissions assigned to the roles.
The topic includes the following sections:
When you sign in as an Admin, the following roles are available:
List of System defined roles
When you sign in as an Admin, the following system defined roles are available:
-
Admin Users with Admin role are responsible for maintaining the system for a specific tenant. The Admin can create users, workflows, and so on, for the tenant. The Admin is a super user having all the permissions of Activity Monitor, Agent Admin,Workflow Administrator, User Admin, and User.
-
Activity Monitor Users with role Activity Monitor are responsible for AE monitoring. The user with Activity Monitor role has access to the following AE features:
- Home (Dashboard view only)
- Reports
- Agent Monitoring (view only)
- Requests (view only)
-
Agent Admin Users with Agent Admin role are responsible for controlling or managing agents.
-
Workflow Admin Users with Workflow Admin role are responsible for maintaining all the workflows for a specific tenant.
-
User Admin Users with User Admin role are responsible for maintaining users with User and User Admin roles for a specific tenant. A User Admin can also manage the Tenant Policy.
-
User Users with User role have the lowest level of access to the system. The users can perform the following actions:
- Run the workflows and view the results.
- Publish workflows if permission to a category is provided.
- Update a workflow if they have permission to the workflow or category.
Note:In the current release, users with the User role cannot upload workflow level files.
View role permissions
You can view the permissions assigned to various system defined roles.
To view role permissions:
-
In the menu, click Roles. The Roles page appears.
-
On the page, click System Defined Roles tab. List of system defined roles appear.
-
View the following field details:
Field Name Description Roles Displays the system defined roles. The roles are:
- *Activity Monitor
- Agent Admin
- Workflow Admin
- User Admin
- User
- AdminDescription Displays the description of the roles. Last Updated Displays the date and time the role details were updated. Actions Click to view the role permissions. -
In the Actions column, click
. The permissions page of the selected role appears as follows:
-
View the following field details:
Field Name Description Role Name Displays the name of the role. Description Displays the description of the role. Web Access Portal Displays the selected checkbox.
Note: If the checkbox is selected, then users can sign in to AEUI with both API and UI access. Else, the user will have only API access to allowed modules.Permissions Capability Displays the name of capability that the role is assigned. Description Displays the description of the capability. Permission Displays the permission granted for a capability or sub-capability assigned to the role. Permission values are: Allow or Deny.
Note: To view the permission at the sub-capability level, click each capability. If each sub-capability has either Allow or Deny, then at the Capability level the permission is seen as, Allowed All or Deny All.
For example,
If the permission at sub-capability level is a mix of Allow and Deny, then neither Allow All or Deny All is selected at the Capability level.
For example,
Impact Displays the impact of the assigned capability.
Impact values are: High or Medium.
High: Permissions impacting the business highly. For example, permission to delete a tenant.
Medium: Permissions impacting the business, but at the user level in a tenant. For example, permission to enable or disable the workflows.
- You can search for a capability by providing the name of the capability or description.
- You can also filter the view based on permission and / or the impact.