Roles and Permissions
Nimbus uses a roles and permissions system that allows Luware partners to distribute administrative permissions further. This level of delegation is possible down to a (single) service administrator level or simple login and use-permissions.
By combining these roles with our Organization Unit concept a very detailed access on data entities and UI view permissions can be configured. Both concepts are explained on this page.
Nimbus Role | Login to Admin UI | Access to Service Live Reporting Data | Access to Service Historical Reporting Data | Permissions | Description | Diagram |
---|---|---|---|---|---|---|
Partner Administrator |
| Granted by Luware Support for selected Service Partners.
|
| |||
Tenant Administrator TENANT ADMIN |
| Granted by Luware Support or Service Partners during first Nimbus Installation. | ||||
Service Administrator TEAM OWNER | |
| Service administration rights can be granted in multiple ways, depending on Service type.
| |||
User TEAM MEMBERS |
| Nimbus users accounts are added from your Tenant's user directory. All users may log into Nimbus using their credentials, but only see services when they become Team members or Service Agents.
|
Data and User access control concept
To better understand the user access control of Nimbus we need to explain a few related concepts:
- Each configurable element in Nimbus is called a data entity. Most entities are assigned to one Organization Unit (OU).
- Users are also considered data entities and thus assigned to one OU. Their roles are defined by the access permissions granted within that OU.
- The final access concept combines combines OU and Role, answering the following questions:
- OU = Where does a user have access / what can be seen by that user?
- Role = What can the user do on visible entities (create | read | update | delete)?
Learning: Depending on OU and role assignment Nimbus users can see and do different things within their respective service teams.