Work with Roles
In AE, there are two types of roles that you can work with, System Defined Roles and User Defined Roles.
-
System Defined Roles, as the name indicates, are default roles provided by AutomationEdge.
-
User Defined Roles, as the name indicates, are custom roles, created by tenant users. The tenants can create multiple custom roles, and assign permissions as required.
The chapter includes the following topics:
System Defined Roles
System defined roles are provided by AE and have predefined permissions. You cannot modify or delete the roles or the permissions assigned to the roles.
You can only view the permissions assigned to the roles. When you sign in as a System Administrator, the following two roles are available:
License Administrator
The License Administrator manages the tenant licenses, fetches license
history, and so on.
System Administrator
The System Administrator is the super user, and manages the AE server
across tenants. System Administrator handles all the global settings,
tenant creation, and so on.
View role permissions
You can only view the permissions assigned to the system defined roles.
To view role permissions:
-
In the menu, go to Roles. The Roles page appears.
-
On the page , click System Defined Roles tab. The list of roles appears.
Figure 69:System Defined Roles
-
In the action column, click
The selected role's permission details page
appears. For example, if you select License Admin, the permission
page appears as follows: 
Figure 70: Permissions
- The following details are available:
| Field Name | Description |
|---|---|
| Role Name | Displays the name of the role. |
| Description | Displays the description of the role. |
| Web Portal Access | Displays the selected checkbox. |
| If the checkbox is selected, then users can sign in to AEUI with both, API and | |
| UI access. Else, the user will have only API access to allowed modules. | |
| Permissions | |
| Capability | Displays the name of capability that the role is assigned. |
| Description | Displays the description of the capability. |
| Permission | Displays the permission granted for a capability or sub-capability assigned to the role. |
| Permission values are: Allow or Deny. To view the permission at the sub-capability level, click each capability: | |
| If each sub-capability has either Allow or Deny, then at the Capability level the permission is seen as, Allowed All or Deny All. For example, | |
 | |
| If the permission at sub-capability level is a mix of Allow and Deny, then neither Allow All nor Deny All is selected at the Capability level. For example, | |
 | |
| Impact | Displays the impact of the assigned capability. |
| Impact values are: High or Medium. | |
| High: Permissions impacting the business highly. For example, permission to delete a tenant. | |
| Medium: Permissions impacting the business, but at the user level in a tenant. For example, permission to enable or disable the workflows. |
You can search for a capability by providing the name of the capability or description. You can also filter the view based on permission and / or the impact.
User Defined Roles
You can create new roles. The roles can be based on the system defined roles, which will have same set of permissions. However, you can modify the permissions. Or, you can create a completely new role to which you can assign the required permissions.
To create new roles
-
In the menu,go to Roles. The Roles page appears.
-
On the page, click the User Defined Roles tab, click New Role. The New Role page appears.
Figure 71: New Role
- Enter the following field details:
| Field Name | Description |
|---|---|
| Role Name | Enter a name for the role you want to create. |
| Description | Enter a description of the role. |
| Select Template Role | Select the role based on which you want to create the new role. Available options are: |
| - License Administrator | |
| - System Administrator | |
| Web Portal Access | Select the checkbox to allow users to sign in to AEUI with both, API and UI access. |
| If the checkbox is clear, then the user will have only API access to allowed modules and will be unable to access the UI pages. For example, see the following screenshot | |
 | |
| You will be unable to modify the permission of the Workflow Operations Page, which is accessed through the UI. However, you can modify permissions of other sub-capabilities that can be accessed through the API. | |
| Permissions | Note: If you select the system defined role for creating the new role, then by default all the system defined role's permissions are assigned to the new role. However, you can modify the permission details. |
| Capability | Displays the name of capability that you can assign to the role. |
| Description | Displays the description of the capability. |
| Permission | Displays the permission available for each capability. |
| If you want to assign complete permissions to a capability, click Allow All. Else, click on the capability and provide permission at sub-capability level. | |
 | |
| Similarly, you can deny permission at the capability or sub-capability level. | |
| Impact | Displays the impact of the assigned capability. |
| Impact values are: High or Medium. | |
| High: Permissions impacting the business highly. For example, permission to delete a tenant. | |
| Medium: Permissions impacting the business, but at the user level in a tenant. For example, permission to enable or disable the workflows. |
- Click Save. The new role details are saved.
To modify the role and permission details, click 
To delete the role, click 
The new roles appear in the Role list in the Users g User List g Add New User page
