Users and permissions

Users

Sign In

SecObserve supports two types of users:

Internally managed users: You need a username and password given by a SecObserve administrator and use the SIGN IN WITH USER button.
Users managed in Azure AD: The button SIGN IN WITH MICROSOFT will redirect you to login page of Microsoft.

Users have specified permissions depending on their type and role in a product.

User types

The user type can be set by flags in the user administration:

Superusers are the administrators of the system.
External users do not belong to the organization, e.g. customers or partners.
Internal users are all users who are not superusers or external users.

There are some general permissions based on the user's type:

	Internal	External	Superuser
Create Product	X	-	X

View General Rules	X	X	X
Create General Rules	-	-	X
Edit General Rules	-	-	X
Delete General Rules	-	-	X

Access Admin UI	-	-	X

Roles and permissions

Product Members

While superusers have permission to view and edit all data, internal and external users must be a product member with a specific role to access the product and its data:

	Reader	Writer	Maintainer	Owner	Upload
View Product	X	X	X	X	-
Import Observations	-	X	X	X	X
Edit Product	-	-	X	X	-
Delete Product	-	-	-	X	-

View Observation	X	X	X	X	-
Create Observation	-	X	X	X	-
Edit Observation ¹⁾	-	X	X	X	-
Assess Observation	-	X	X	X	-
Delete Observation	-	-	-	X	-

View Product Rules	X	X	X	X	-
Create Product Rules	-	-	X	X	-
Edit Product Rules	-	-	X	X	-
Apply Rules to Product	-	-	X	X	-
Delete Product Rules	-	-	X	X	-

View API Configuration	X	X	X	X	-
Create API Configuration	-	-	X	X	-
Edit API Configuration	-	-	X	X	-
Delete API Configuration	-	-	X	X	-

View Product Member	X	X	X	X	-
Create Product Member	-	-	X ²⁾	X	-
Edit Product Member	-	-	X ²⁾	X	-
Delete Product Member	-	-	X ²⁾	X	-

¹⁾ Only manually created observations can be edited

²⁾ Maintainers are not allowed to manipulate Owners of that product