Role Management

Roles are predefined sets of permissions that correspond to specific job functions or responsibilities within an organization. Each role defines a collection of access rights necessary to perform the associated tasks.

Access to the Unifyia platform is regulated by role-based access control as defined in FIPS 210-3. The platform offers granular user controls through role-based access privileges. It ships with default roles, each with a predefined set of permissions for a specific job. This approach simplifies the management of user permissions and enhances security by ensuring that users have access only to the resources necessary for their job functions. With granular role-based access privileges, you can:

  • map permissions to roles.
  • enable separation of duties.
  • restrict particular actions to designated personnel.
  • allow visibility of workflows based on the role.
  • change new or existing role definitions as per your organization's policy.

List of Predefined Roles

| Role | Description |
|---|---|
| Administrator | Can manage all aspects of onboarding of other privileged users, configurations, integrations, access control, and monitoring. Can create users and assign all types of roles, issue identities, and manage the allowed lifecycle actions of the issued identities. |
| Sponsor | Can sponsor new users. |
| Registrar | Can enroll/register sponsored users. |
| Adjudicator | Can review user enrollment details and decide whether to approve or deny. |
| Security Officer | Can review user enrollment details and decide whether to approve or deny. |
| Identity Issuer | Can issue identities to users. |
| Helpdesk Operator | Can manage lifecycle activities of the issued identities and user-related incidents. |
| User | An applicant who can get approved credentials issued, self-issue additional identities as per the organization's policies, and self-manage them. |

The role management feature in the Unifyia platform allows you to do the following:

  • Enable and disable the predefined roles
  • Edit a role to add new privileges and device actions or remove assigned ones

Manage Roles

  1. Log in to the Unifyia platform with administrative credentials.
  2. On the dashboard, navigate to Access Control > Roles.
  3. A list of roles is displayed. By default, all the roles are enabled.
  4. To disable a role, slide the toggle button under the status column to the left side. To enable a role, slide the toggle button to the right side.
  5. To edit a role and change the access privileges, do the following:
    1. Select the pencil icon.
    2. The General Information tab appears. You cannot edit any fields under this section.
    3. Go to the Assign Permissions tab. You will find all the currently assigned and allowed permissions. Select or deselect permissions to change the role definition. Select Update to save the changes.
    4. Go to the Assign Device Actions tab. You will find all the currently assigned and allowed device actions. Select or deselect the device actions as required to change the device action privileges. Select Update to save the changes.
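
A check to run after editing role definitions or toggling roles, as an added example that is not part of the Unifyia documentation or product code: it audits a user-to-role export for assignments to disabled roles and for separation-of-duties conflicts. The conflict policy (one user holding any two of Sponsor, Registrar, Adjudicator, Identity Issuer), the export format, the treatment of disabled roles, and all user names are assumptions.

```python
from itertools import combinations

# Role names come from the predefined-roles table on this page.
PREDEFINED_ROLES = {"Administrator", "Sponsor", "Registrar", "Adjudicator",
                    "Security Officer", "Identity Issuer", "Helpdesk Operator", "User"}

# ASSUMPTION (not stated by the page): the enrollment-to-issuance steps should
# be performed by different people, so any two of these roles conflict.
ISSUANCE_CHAIN = ("Sponsor", "Registrar", "Adjudicator", "Identity Issuer")
CONFLICTS = {frozenset(pair) for pair in combinations(ISSUANCE_CHAIN, 2)}


def audit_assignments(assignments, enabled):
    """Return sorted (user, finding) tuples for a role-assignment export.

    assignments: {user: set of role names}
    enabled:     {role name: bool}, mirroring the status toggle per role;
                 roles missing from the map count as enabled (the default).
    """
    findings = []
    for user, roles in assignments.items():
        for role in sorted(roles - PREDEFINED_ROLES):
            findings.append((user, f"unknown role: {role}"))
        known = roles & PREDEFINED_ROLES
        # ASSUMPTION: a disabled role grants nothing, so the assignment is
        # reported as stale and ignored when looking for conflicts.
        for role in sorted(r for r in known if not enabled.get(r, True)):
            findings.append((user, f"assigned disabled role: {role}"))
        effective = {r for r in known if enabled.get(r, True)}
        for a, b in combinations(sorted(effective), 2):
            if frozenset((a, b)) in CONFLICTS:
                findings.append((user, f"separation of duties: {a} + {b}"))
    return sorted(findings)


# Constructed sample data (hypothetical users, not taken from the platform).
SAMPLE_ASSIGNMENTS = {
    "alice": {"Sponsor", "User"},
    "bob": {"Registrar", "Identity Issuer"},
    "carol": {"Adjudicator", "Sponsor", "Helpdesk Operator"},
    "dave": {"Security Officer", "Auditor"},
}
SAMPLE_ENABLED = {role: True for role in PREDEFINED_ROLES}
SAMPLE_ENABLED["Sponsor"] = False  # role switched off via the status toggle

if __name__ == "__main__":
    for user, finding in audit_assignments(SAMPLE_ASSIGNMENTS, SAMPLE_ENABLED):
        print(f"{user}: {finding}")
```

In the sample, carol's Adjudicator and Sponsor pairing is reported only as a stale assignment while Sponsor is disabled; re-enabling the role turns it into a separation-of-duties finding.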