Roles and site access for users
The text in this article primarily focuses on user roles and site access, but it also applies to application roles and site access. |
The Roles and site access tab (via: menu Users > click on a user) lists the sites to which the user has been granted access and the roles the user has been assigned.
When creating a new user, first grant the user access to sites, then assign feature permissions by assigning roles.
Additionally, existing users can modify their site access and assigned roles using the three-dot button on this page.
Granting site access to users
First, you choose which sites to give the user access to. This can be a selection of sites or the full organization. If you choose the full organization option, the user will have access to all sites, including any added to the organization in the future.
Assigning roles to users
Before assigning roles, ensure that you have created the roles that match your desired organizational setup. More information on Roles. |
It's strongly recommended that your organization have at least two administrators (users with the user management permission). |
After granting site access, assign feature permissions to the user by assigning roles. A role can be assigned at either the organizational level or the site level. At the organization level, you can assign roles both via the Users tab per user and via the Roles tab per role. At the site level, you can assign roles only to users via the Users tab.
You can assign one or more roles to a user. If a user is assigned multiple roles, the sum of the permissions in the roles applies.
A role can potentially contain both site-specific and organization-wide permissions.
The following example illustrates the permissions that result when roles are assigned at both the organizational and site levels.
a, d: organization-wide permissions* (can only be assigned at the organizational level)
b, c, e: site-specific permissions* (may be assigned at the site level)
* Indicated for all user permissions for Building Automation in the Explanation of user permissions in (Building Automation).
In this example, the user has been granted access to 2 of the organization's 3 sites. The user has been assigned 2 roles, one at the organization level and one at the site level. Both roles include organization-wide permissions (purple) and site-specific permissions (blue).
Permissions b and e, granted through role 1, apply to all sites to which you have given the user access
Permission d, granted through role 2, is a permission that cannot be granted at the site level as it is an organization-wide permission. As a result, this permission will not apply to this user. Please note that you will be notified when assigning a role at the site level that contains organization-wide permissions.
Although it is recommended to utilize roles, it is also possible at the organizational level to grant user-specific permissions. To do this, go to the Feature permissions tab for the user (more info).
If the user’s permissions change, they may need to re-sign in for the changes to take effect. |