Configuring Access

Anne Ramey

Service Portal has a security structure dependent on roles with one exception: Space Admin. Space Admin is a platform permission that gives the user the rights to administer the space and related items.

Roles

Roles are special teams used only for access and not for working items. Service Portal comes with the following roles preconfigured:

  • Contractor
  • Data Admin
  • Employee
  • Form Developer
  • Submission Support
  • Task Developer
  • Vendor

Security Policies

The roles are built into various security policies at the space and kapp level to allow for desired access control. Security Policies are evaluated in much the same way as Service Workflow attributes. When Service access is being determined, the Service is checked first. If no security policy is defined there, the Kapp is checked.

Service Portal comes with the following Security Policies applied:

  • Contractor: Users with this role can see/work Queue Tasks assigned to teams they are members of.
  • Data Admin: Users with this role can manage/set up datastores
  • Employee: Users with this role can see/request Services and can see/work Queue Tasks assigned to teams they are members of.
  • Form Developer: Users with this permission can configure/build services
  • Submission Support: future use
  • Task Developer: Users with this permission can access/build workflows
  • Vendor: Users with this role can see/work Queue Tasks assigned to teams they are members of.