Managing Roles
This section looks at how to manage roles from the OwnIdP dashboard.
The roles of a user can be managed by a SuperAdmin from the Roles section of the left menu. The Roles dashboard will display the available OwnIdP administrator roles on the left and the roles for the selected federation on the right.
Here, you can:
  • create a role using the Add button,
  • updated a role using the pencil icon
    ,
  • delete a role using the trashcan icon
    .

Authorisation matrix

Below is the authorisation matrix of the standard OwnIdP roles.
The CRUD acronym in the below table has the following meaning:
  • C = Create
  • R = Read
  • U = Update
  • D = Delete
Rights
SuperAdmin
Functional Manager
Admin
UserAdmin
Manage Settings
RU
-
-
-
Manage user roles and organisation types
CRUD
-
-
-
Manage own organisation
CRU
CRU
R
-
Manage other (main-level) organisations
CRUD
CRU
-
-
Manage own sub-organisation(s)
CRUD
CRU
CRUD
-
Manage sub-organisations of other organisations
CRUD
CRU
-
-
Manage users of own organisation(s)
CRUD
CRUD
CRUD
CRUD
Manage users of other organisation(s)
CRUD
CRUD
CRUD*
CRUD*
*Only for own sub-organisations
Note: An admin level cannot add or remove anything that has a higher admin level then their own rights.
Copy link