Managing Administration Permissions
When configuring App Portal, you will need to specify which users and groups can view and modify settings on the various App Portal views on the Admin tab. This secures the App Portal site settings to the listed groups and users. You configure administrative security on the Admin Security View , which is opened by selecting Admin Security under Site Management on the Admin tab.
On each of the tabs of the Admin Security View , you can view and edit the security settings ( Read , Write , Delete ) for existing users and groups for that particular role.
However, you assign initial permissions to a user or group for all roles on the pop-up dialog box that opens when you click Add User/Group on the Admin Security View .
Permissions are the “most restrictive model”. For example, if a user is in two groups where one is granted Read permission and the other granted Write permission, the permissions will be Read; they are not cumulative.
Adding a User or Group to Admin Roles
To add a user or group to Admin roles, perform the following steps:
To add a user or group to Admin roles:
- On the Admin tab, open the Site Management > Admin Security view.
- Click the Add User/Group button. The following dialog box opens:
- Use the search fields to locate the user or group that you want to add.
-
To assign rights to Microsoft Entra ID users and groups, Make sure that Microsoft Entra ID is configured successfully. Once the configuration is complete, the tenant name will be visible in the drop down, enabling you to proceed with assigning rights.
-
- Select the appropriate permissions from the Assign rights fields for each listed role. Under Assign rights , the following roles are listed:
| Role | Permission |
|---|---|
| Site Management | Can view, create / modify, or delete configuration items under the following subnodes of Site Management: Site Management > Admin Security Site Management > Catalog Security Site Management > Settings (all subnodes except Active Directory) Site Management > Imported Users and Computers Site Management > Logs Site Management > ITSM & Cloud Integration Site Management > Categories Site Management > Commands and Actions |
| Active Directory | Can view, create / modify, or delete configuration items under the following nodes: Site Management > Settings > Active Directory Site Management > Active Directory |
| Catalog Management | Can view, create / modify, or delete items under the following nodes: Catalog Management > Create New Catalog Item Catalog Management > Current Catalog Items Catalog Management > Catalog Catalog Management > Catalog Categories Catalog Management > Expressions Catalog Management > Workflows Catalog Management > Workflow Status |
| Approval Groups | Can view, create / modify, or delete items under the following nodes: Catalog Management > Approval Groups |
| Question Management | Can view, create / modify, or delete items under the following nodes: Catalog Management > Questions |
| Compliance Management | Can view, create / modify, or delete items under the following nodes: Compliance Management |
| Deployment Management | Can view, create / modify, or delete items under the following nodes: Deployment Management |
| Report Management | Can view, create / modify, or delete items under the following nodes: Report Management |
| Site Communication | Can view, create / modify, or delete items under the following nodes: Site Management > Communication |
| REST API | Enables access to all REST API endpoints. |
- Click Assign Rights to add the user or group. The selected user or group will now have access to the specified roles.