Admin access role

In this example, we will define a role that grants users access to the following menu options in the webconsole:

• User administration.
• Provisioning.
• Audit log viewer.

The implement the above, follow the high-level steps described below.

1. Create a role.
2. Assign the appropriate menus to the role.
3. Assign the role to one or more users.

Assigning menus to a role

Since steps 1 and 3 have been defined elsewhere, this section will focus on assigning menus to a role to achieve the objectives above.

Define Access Roles

As indicated above, menus can be associated with roles to define access into both the webconsole and SelfService portal in a consistent way. The two examples below will describe how to define:

• Admin access where access to select part of the webconsole is required.
• End user access where access to select parts of the SelfService is required.

Special steps for webconsole menus access

Access to menus of webconsole requires special authorization step, because actions performed in webconsole and even data shown on webconsole pages are security sensitive.

To allow members of role (or group) to have access in ebconsole you should link role (or group) with resource of two URI patterns: /webconsole/rest/api/* and /webconsole/*.

How to do it:

1. Log in to webconsole and go to Access Control > Content providers > choose the Content provider where you'd like to provide access to role (or group members).
2. In the list of URI patterns find /webconsole/rest/api/* and click the Edit icon.
3. On the top of page find Linked to Resource and click the link provided. You will be redirected to the page of a resource.
4. Go to the Entitlements page and add target role (or group) as a member of the resource.
5. Repeat same steps for /webconsole/* URI pattern.