User Permissions

  • 5 minute(s) read

User types and API Keys are associated with a set of permissions, each one enabling a feature or read/write capability on a specific object.

The following is a list of permits grouped according to the topic they are intended for.

Customer

PERMISSION

DESCRIPTION

READ_CUSTOMER

Allows the user to read the customers' information.

WRITE_CUSTOMER

Allows the user to create and manage customers (ORGANIZATION, PARTNER), write customer's information (CUSTOMER).

DELETE_CUSTOMER

Allows the user to delete customers.

CUSTOMER_ACCOUNT_ADMINISTRATOR

Allows the user to manage the customer account.
Applicable only to the user types of: CUSTOMER.

READ_ALL_CUSTOMERS

Allows the user to read all customers registered within the tenant.

IMPORT_CUSTOMERS

Allows administrative users to import customer data in a bulk way.
Applicable only to the user types of: ORGANIZATION, PARTNER.

Location

PERMISSION

DESCRIPTION

READ_LOCATION

Allows the user to read the location's information.

WRITE_LOCATION

Allows the user to create and manage (ORGANIZATION, PARTNER), write location's information (CUSTOMER).

DELETE_LOCATION

Allows the user to delete locations.

IMPORT_LOCATIONS

Allows administrative users to import locations data in a bulk way.

Thing

PERMISSION

DESCRIPTION

READ_THING

Allows the user to read the things' information.

WRITE_THING

Allows the user to create and manage things.

DELETE_THING

Allows the user to delete things.

READ_ALL_THINGS

Allows the user to read all things of the tenant.

WRITE_THING_OPTION

Allows the user to set Thing's options.

WRITE_METRIC_VALUE

Allows the user to set a metric value.

DELETE_METRIC_VALUE

Allows the user to delete a metric value.

EXPORT_DATA

Allows the user to execute a bulk data export for the visible things.

WRITE_WORK_SESSION

Allows the user to manually create a work session.

REGISTER_THING

Allows the user to register new things without an owner.

WRITE_THING_ACTIVATION

Allows the user to activate a new thing.

READ_CLOUD_STATUS

Allows the service manager to read the thing cloud status.

WRITE_CLOUD_STATUS

Allows the service manager to change the thing cloud status.
Applicable only to the user types of: ORGANIZATION.

READ_CERTIFICATE

Allows the administrator to read the thing certificates.
Applicable only to the user types of: ORGANIZATION, PARTNER.

WRITE_CERTIFICATE

Allows the administrator the management of the thing certificates.
Applicable only to the user types of: ORGANIZATION, PARTNER.

WRITE_SIM

Allows the user to verify and change the status of the SIM installed within the product.
Applicable only to the user types of: ORGANIZATION.

READ_USER_AUTHORIZATION

Allows the user to read the user authorizations on customer's Things.
Applicable only to the user types of: CUSTOMER.

WRITE_USER_AUTHORIZATION

Allows the user to read the user authorizations on customer's Things.
Applicable only to the user types of: CUSTOMER.

RESET_USER_AUTHORIZATION

Allows the user to reset the user to thing authorizations.
Applicable only to the user types of: CUSTOMER.

READ_RULE

Allows the user to read the thing's defined rules.

WRITE_RULE

Allows the user to write, manage and delete thing's defined rules.

Thing Remote Control

PERMISSION

DESCRIPTION

EXECUTE_THING_COMMAND

Allows the user to execute commands on the connected things.

SET_THING_PARAMETER

Allows the user to set configuration parameters to the connected things.

UPDATE_FIRMWARE

Allows the technichian to trigger firmware upates.

EXECUTE_BULK_UPDATE

Allows the user to perform a bulk update.

WRITE_RECIPE

Allows the user the edit recipes.

READ_TASK

Allows the user to read the task's information.

WRITE_TASK

Allows the user to create, manage and delete tasks.

Thing Connection

PERMISSION

DESCRIPTION

READ_CONNECTION_MAPPING

Allows the user to read connection mappings.

WRITE_CONNECTION_MAPPING

Allows the user to configure connection mappings.

READ_THING_CONNECTION_TOKENS

Allows the user to read the registered connection tokens.

WRITE_THING_CONNECTION_TOKENS

Allows the user to register new connection tokens.
Applicable only to the user types of: ORGANIZATION, PARTNER.

Event

PERMISSION

DESCRIPTION

WRITE_ALERT_STATUS

Allows the user to acknoledge an event.

READ_ALERT_TROUBLESHOOTING_HISTORY

Allows the user to read the event troubleshooting history.

CLEAR_ALERT

Allows the user to clear manually an active event.

Maintenance

PERMISSION

DESCRIPTION

READ_MAINTENANCE_REGISTRY

Allows the user to read the maintenance registry.

WRITE_MAINTENANCE_REGISTRY

Allows the user to write the maintenance registry.

Notifications

PERMISSION

DESCRIPTION

RECEIVE_THING_ALERT_NOTIFICATIONS

Allows the user to receive notifications on activation and clearing of alerts.

RECEIVE_THING_WORK_SESSION_NOTIFICATIONS

Allows the user to receive notifications about starting and stopping work sessions.
Applicable only to the user types of: CUSTOMER.

Organization

PERMISSION

DESCRIPTION

READ_ORGANIZATION

Allows the user to read the organization's information.
Applicable only to the user types of: ORGANIZATION.

WRITE_ORGANIZATION

Allows the user to create and manage organizations.
Applicable only to the user types of: ORGANIZATION.

DELETE_ORGANIZATION

Allows the user to delete organizations.
Applicable only to the user types of: ORGANIZATION.

READ_ALL_ORGANIZATIONS

Allows the user to read all organizations registered within the tenant.

READ_ORGANIZATION_AUTHORIZATION

Allows the user to read organizations' authorizations.
Applicable only to the user types of: ORGANIZATION.

WRITE_ORGANIZATION_AUTHORIZATION

Allows the user to manage organization' authorizations.
Applicable only to the user types of: ORGANIZATION.

Partner

PERMISSION

DESCRIPTION

READ_PARTNER

Allows the user to read the partners' information.

WRITE_PARTNER

Allows the user to create and manage partners.

DELETE_PARTNER

Allows the user to delete partners.

READ_PARTNER_AUTHORIZATION

Allows the user to read partners' authorizations.

WRITE_PARTNER_AUTHORIZATION

Allows the user to manage partners' authorizations.
Applicable only to the user types of: ORGANIZATION, PARTNER.

RECEIVE_PARTNER_AUTHORIZATION_UPDATE_NOTIFICATION

Allows the user to receive a notification on partner authorizations updates.

Security

PERMISSION

DESCRIPTION

READ_API_KEY

Allows the user to read the API Key configured on partner or customer entities.

WRITE_API_KEY

Allows the user to write, manage and delete API Keys.
Applicable only to the user types of: ORGANIZATION.

READ_AUDIT

Allows the user to read audit for user activities and events.

WRITE_PAT

Allows the user to write personal access tokens.

Testing

PERMISSION

DESCRIPTION

READ_THING_TEST

Allows the user to read thing test sessions.

WRITE_THING_TEST

Allows the user to manage thing test sessions.

READ_CONNECTION_TEST

Allows the user to read the connection tests.
Applicable only to the user types of: ORGANIZATION, PARTNER.

WRITE_CONNECTION_TEST

Allows the user to start connection tests.
Applicable only to the user types of: ORGANIZATION, PARTNER.

User

PERMISSION

DESCRIPTION

READ_USER

Allows the user to read the users' information.

WRITE_USER

Allows the user to create, manage and delete users.

READ_ALL_USERS

Allows the user to read all users registered within the tenant.

READ_USER_PERMISSIONS

Allows the user to read other users' permissions.

WRITE_USER_PERMISSIONS

Allows the user to manage users' permissions.

NEVER_SUSPEND

Allows the user to never expire even if inactive for a long time.

WRITE_USER_STATUS

Allows the administrator to update the user status.

READ_GUEST_USER

Allows the user to read the invited guest users.

INVITE_GUEST_USER

Allows the user to invite new users.

WRITE_USER_NOTIFICATION_SETTINGS

Allows the user to edit notification preference of another user.
Applicable only to the user types of: ORGANIZATION, PARTNER.

Tagging

PERMISSION

DESCRIPTION

WRITE_TAG

Allows the user to write tag definitions.

WRITE_THING_TAG

Allows the user to tag a thing.

Store

PERMISSION

DESCRIPTION

READ_ORDER

BUYER: allows the user to view all created orders. PROVIDER: allows the user to view all received orders. The Orders tab is visible on the Store page.

PLACE_ORDER

BUYER: allows the user to place an order. The checkout button is available in the Cart tab of the Store page.
Applicable only to the user types of: CUSTOMER, PARTNER.

WRITE_ORDER

PROVIDER: allows the user to add notes to an order or change the order status.
Applicable only to the user types of: ORGANIZATION, PARTNER.

READ_SUBSCRIPTION

CUSTOMER: allows the user to access the list of subscriptions in the Store page. The Subscriptions tab is visible in the Store page. ORGANIZATION: allows the user to access the Subscription of a Thing or Customer. The Subscription tab is visible in the Thing or Customer editing page.

WRITE_SUBSCRIPTION

Allows the user to modify the subscription of a Thing or Customer.

READ_PAYMENTS

CUSTOMER: allows the user to read all payments made by himself. The Payments tab is visible on the Store page. ORGANIZATION: allows the user to read all payments associated with the visible Customers. The Payments tab is visible on the Store page.
Applicable only to the user types of: ORGANIZATION, CUSTOMER.

WRITE_PAYMENTS

Allows the user to modify a payment of a Customer.
Applicable only to the user types of: ORGANIZATION.

Spare Parts

PERMISSION

DESCRIPTION

READ_SPARE_PART

Allows the user to read spare parts.

WRITE_SPARE_PART

Allows the user to write a spare part.

DELETE_SPARE_PART

Allows the user to delete a spare part.

Product Models

PERMISSION

DESCRIPTION

WRITE_PRODUCT_MODEL

Allows the user to write a product model.

DELETE_PRODUCT_MODEL

Allows the user to delete a product model.

Consumable

PERMISSION

DESCRIPTION

WRITE_CONSUMABLE_STOCK

Allows the customer user to manage the stock.