Manage authorization roles

Authorization roles determine application access.

Default authorization roles

The Genero Identity Provider (GIP) comes with three default application roles:

Role.Admin: The Role.Admin authorization role is intended for your GIP admin. An admin manages the users and provides their permissions.
Role.Supervisor: The Role.Supervisor authorization role is intended for supervisors. A supervisor installs new applications for a set of users and/or groups.
Role.User: The Role.User authorization role is intended for your standard user. A user runs the installed applications.

Add an authorization role

You can add new authorization roles.

To add an authorization role, select Security > Authorization, then click Create. Enter the new authorization role name (it must start with "Role.") and description. Click OK to save your changes.

Once added:

It appears as a role (under the Authorization roles) when you are working with Groups (you can add it to a group)
It appears in the user-specific role list when you go to manage a user.
It appears as a possible authorization role for an application.

Modify an authorization role

You can change the name and/or description of an existing authorization role.

To modify an authorization role, select Security > Authorization. Select the row containing the authorization role to modify. Click Change. The fields for the selected authorization role become editable.

The Name field must start with the preface "Role."

When you have completed your edits, click OK to save your changes.

Remove an authorization role

To remove an authorization role, select Security > Authorization. Select the row containing the authorization role to remove and click Remove. A confirmation dialog appears asking you to confirm your selection, as the removal cannot be undone.