Users and permissions
Users
SecObserve supports two types of users:
- Internally managed users: You need a username and password given by a SecObserve administrator and use the
SIGN IN WITH USER
button. - Users managed in Azure AD: The button
SIGN IN WITH MICROSOFT
will redirect you to login page of Microsoft.
Users have specified permissions depending on their type and role in a product.
User types
The user type can be set by flags in the user administration:
- Superusers are the administrators of the system.
- External users do not belong to the organization, e.g. customers or partners.
- Internal users are all users who are not superusers or external users.
There are some general permissions based on the user's type:
Internal | External | Superuser | |
---|---|---|---|
Create Product Groups | X | - | X |
Create Product | X | - | X |
View General Rules | X | X | X |
Create General Rules | - | - | X |
Edit General Rules | - | - | X |
Delete General Rules | - | - | X |
Access Admin UI | - | - | X |
Roles and permissions
While superusers have permission to view and edit all data, internal and external users must be a product member with a specific role to access the product and its data. Product members of a product group have access to all products of that group with their respective role.
Reader | Writer | Maintainer | Owner | Upload | |
---|---|---|---|---|---|
View Product Group | X | X | X | X | - |
Edit Product Group | - | - | X | X | - |
Delete Product Group | - | - | - | X | - |
View Product | X | X | X | X | - |
Import Observations | - | X | X | X | X |
Edit Product | - | - | X | X | - |
Delete Product | - | - | - | X | - |
View Observation | X | X | X | X | - |
Create Observation | - | X | X | X | - |
Edit Observation 1) | - | X | X | X | - |
Assess Observation | - | X | X | X | - |
Delete Observation | - | - | - | X | - |
View Product Rules | X | X | X | X | - |
Create Product Rules | - | - | X | X | - |
Edit Product Rules | - | - | X | X | - |
Apply Rules to Product | - | - | X | X | - |
Delete Product Rules | - | - | X | X | - |
View API Configuration | X | X | X | X | - |
Create API Configuration | - | - | X | X | - |
Edit API Configuration | - | - | X | X | - |
Delete API Configuration | - | - | X | X | - |
View Product Member | X | X | X | X | - |
Create Product Member | - | - | X 2) | X | - |
Edit Product Member | - | - | X 2) | X | - |
Delete Product Member | - | - | X 2) | X | - |
1) Only manually created observations can be edited
2) Maintainers are not allowed to manipulate Owners of that product